More cybersecurity specialists are making the leap from long-time careers in law enforcement, the military and the government to the private sector, says Dale Meyerrose, a retired U.S. Air Force Major General, who explains why.
Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Dell is moving to patch a customer-support application preinstalled on many laptops and PCs after security researchers found that it installs a root certificate that could be abused by attackers to intercept private data.
The surge in data breaches has left millions of consumer records compromised. As a result, fraudsters have all they need to open bogus accounts, which cost banks huge losses linked to what Greg Shelton of LexisNexis Risk Solutions calls "sleeper fraud."
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.
NICE's Rodney Petersen sees too many government agencies and businesses using old-school methods to identify and recruit IT security professionals. Consequently, they often fail to build their cybersecurity staffs.
CERC's head Ponnurangam Kumaraguru (PK) says industry bodies and the government should take the onus of evolving a blueprint to build the capacity of info security professionals with a well laid-out incentive program to attract new entrants.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
Discussions I recently moderated around mobile security indicate that Indian practitioners have significant doubts about the effectiveness and applicability of mobile security solutions such as MDM and others.