Mobile app-based ecommerce is surging forward in India's smartphone-saturated market. After Meru Cabs' data exposure earlier in May, security experts analyze legal liability, secure development & incident response.
Breached dating website FriendFinder allegedly missed email warnings from security researchers that its site had been breached and customers' data was being sold on a "darknet" site. What can other businesses learn from that apparent mistake?
A game-changing impact of the Edward Snowden leaks about previously secret National Security Agency surveillance activities is the increased use of encryption, such as to protect email, says Peter Swire, a former White House chief privacy counsel.
It's no surprise that virus-wielding hackers are exploiting Internet of Things devices. Blame too many device manufacturers rushing products to market, skimping on secure development practices and failing to audit the third-party code they use.
This year's Infosecurity Europe conference in London is offering a top-notch range of sessions, ranging from how to battle cybercrime and social engineering to building a better security culture and workforce. Here's my list of must-see sessions.
With growing vulnerabilities and changing cyberthreats, CISOs must leverage threat intelligence models to gauge attackers' motives, says FireEye's Rich Costanzo, who calls on CISOs to "re-imagine" security.
Britain's computer emergency response team - CERT-UK - reports that malware remains the dominant mode of online attack for cybercriminals, and Zeus their most preferred tool of choice. But the team is promoting a free information-alert service to help.
While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches into place, according to several information security experts. Learn the key issues, and how organizations must respond
Because healthcare organizations are juggling so many information security, privacy and regulatory demands, hiring individuals with key professional certifications who can help optimize limited resources is critical, says security expert Steven Penn.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.