Latest editorial and guest blogs on information security careers

The Fraud Blog with Tracy Kitten

Tracking fraud incidents and trends wherever -- and however -- they occur.

Visa Clarifies Merchants Have EMV Debit Routing Options

Tracy Kitten • November 22, 2016

After complaints from merchants and an update from the Fed, Visa has modified debit routing rules, noting that merchants can route U.S. EMV debit transactions through any of more than a dozen available networks, and not just Visa's. The move could have implications for chip-and-PIN use.

Cybersecurity Assessment Tool Use Not 'Truly' Voluntary

Information Sharing: A Powerful Crime-Fighting Weapon

The Public Eye with Eric Chabrow

Keeping tabs on federal government efforts to protect citizens' privacy

DHS Cybersecurity Agency Could Get a New Name and a Revamp

Eric Chabrow • December 13, 2017

What does the title National Protection and Programs Directorate mean to you? It's not so clear, unless you are familiar with the Department of Homeland Security's organizational chart. To clarify its mission, the House has voted to rename - and revamp - the DHS agency.

Trump Campaign Aide Knew Early About Hacked Democratic Emails

Dearth of Support for Kaspersky at Congressional Hearing

Safe & Sound with Marianne Kolbasuk McGee

Insights on the security and privacy of healthcare information.

A Summer of Data Breach Discontent

Marianne Kolbasuk McGee • August 16, 2019

When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge?

'Survivor' Lessons from an Attack on Dental Practice

Adoption of Security Best Practices: A Status Report

Euro Security Watch with Mathew J. Schwartz

Tracking security and privacy trends across UK, Europe and beyond

NSA Is Latest Intelligence Agency to Sound VPN Patch Alarm

Mathew J. Schwartz • October 9, 2019

The U.S. National Security Agency is the latest intelligence agency to warn that unpatched flaws in three vendors' VPN servers are being actively exploited by nation-state attackers. Security experts say such alerts, which are rare, are a clear sign that serious damage is being caused.

Developers' Code Reuse Security Conundrum: Cut, Paste, Fail

Zynga's Breach Notification: How Not to Inform Victims

The Expert's View with Jeremy Kirk

Insights from industry experts

Creating a 'Defensible' Cybersecurity Program

Jeremy Kirk • August 27, 2019

Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.