Organizations looking to build a better breach response strategy need to emphasize the basics, including ensuring they have a well-qualified response team in place, security experts, including attorney Ron Raether, advise.
A multi-layered approach known as "context-aware security" is the most effective strategy for fighting both insider and external cyberthreats, says Gartner analyst Avivah Litan, who explains how this strategy works.
Internet users in the European Union can ask Google and other search engines to remove certain sensitive information from Internet search results, Europe's highest court ruled on May 13. ENISA praised the "landmark decision" on privacy.
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Conventional wisdom dictates that the high demand for IT security practitioner would cause salaries to rise, perhaps significantly. But a new study by SANS shows only a slight fattening of paychecks for many IT security professionals.
Leading this week's industry news roundup, FireEye has announced plans to acquire nPulse Technologies, which offers a network forensics solution, while CA Technologies joins the FIDO Alliance, which is developing authentication standards.
HDFC Bank launched a new cybercrime training program for police. The goal: help officers improve response to fraud and other crimes. What are the program's key elements, and how will success be measured?
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
Verizon's latest annual breach report shows that Web application attacks increased more than malware-fueled point-of-sale intrusions in 2013, says Ashish Thapar, who provides an overview of the report's findings.
Too many organizations have a device-centric BYOD policy that fails to look at big picture issues, including building a comprehensive strategy for protecting corporate information no matter how it's accessed, says Ian Evans of AirWatch.