Panera Bread appears to have failed to fix a customer data leak for more than eight months after getting a heads-up from an independent security researcher. Here's what others should learn from the bakery café chain's mistakes.
Processing and parsing intelligence from all sources - external and internal, structured and abstract - across three important categories is essential to a proactive, predictive threat intelligence framework, says Verizon's Ashish Thapar
CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.
Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde of the IT risk consultancy ProVise Consulting, who offers implementation tips.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
As mobile payments continue to grow in South Africa, it's important that application developers build security into their apps and correctly implement tokenization standards, says Jeremy King, international director of the PCI Security Standards Council.
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
The intensive discussion between the Supreme Court and the CEO of UIDAI on recent Aadhaar-related data leaks could result in the court recommending that the Ministry of Law and Justice make amendments to the Aadhaar Act and direct the UIDAI to build a far more robust security framework.
India's Haryana Power Corporation has confirmed that a hacker cryptolocked its billing system, demanding a ransom in exchange for the decryption key. The organization says it has refused to pay. The attack is a reminder that the power sector continues to be targeted by hackers.
Five days after a ransomware outbreak crypto-locked city systems, Atlanta has advised its 8,000 employees that they can once again boot their PCs and printers. But information security experts warn that the city's infrastructure still appears to have easily exploitable misconfigurations.
The alleged leader of a cybercrime gang tied to more than $1 billion in losses has been arrested in Alicante, Spain. Authorities say "Denis K." is a Ukrainian national who led a gang that developed Carbanak and Cobalt malware to infect PCs as well as perpetrate ATM jackpotting attacks.
Ransomware has struck the city of Atlanta and frozen internal and customer-facing applications, hampering residents from paying bills or accessing court information. But the city says it has working backups and expects to pay employees on time.
Facebook CEO Mark Zuckerberg broke five days of silence as pressure intensifies on Facebook to account for a data leak to a voter-profiling firm that worked for the Trump campaign. In a lengthy blog post, Zuckerberg has pledged to make changes to better protect personal data. But is it too late?