Leading the latest edition of the ISMG Security Report: Years of massive data breaches have fueled an increase in synthetic identity fraud, in which fraudsters combine real and bogus details to create more effective fake identities. Plus, has "The Dark Overlord" hacking group finally met its match?
Although the National Institutes of Health is implementing strong privacy measures as it begins its effort to enroll 1 million volunteers to contribute data to its "All of Us" precision medicine research project, there are still risks involved, says privacy attorney Kirk Nahra.
With the rise of P2P payment networks and the U.S. working toward a real-time national payments network, the push is on to battle fraudsters. Also, attackers are hacking legitimate websites to more stealthily distribute "Gandcrab" crypto-locking ransomware.
Eduard Goodman, global privacy officer of CyberScout, doesn't like the disorganized way most cyber incidents are handled now. Instead, he would like to see a more project management approach. Here are the benefits he foresees.
If operational technology systems need to get connected to IT systems, it's essential to have tight controls on the network, says Lam Kwok Yan, professor of computer science and engineering at Nanyang Technological University in Singapore.
We all know about May 25 and the enforcement deadline for Europe's General Data Protection Regulation. But what impact will GDPR have on cybersecurity programs? Danny Rogers of Terbium Labs weighs in on the topic.
How might blockchain improve digital identity proofing in the healthcare sector? The National Health Information Sharing and Analysis Center and security vendor Trusted Key are testing that out with a proof-of-concept application.
From open banking to emerging technology and the evolving needs of millennial customers, financial institutions are experiencing unprecedented change. How does this impact the risk and regulatory landscapes? Kevin Malicki of Harland Clarke shares insight.
How do we establish and maintain digital trust without burdening our users? What are the critical questions that need to be addressed by anyone managing identity and access management in a modern enterprise? David Duncan of CA Technologies offers answers to these questions.
Business email compromise and account takeover attacks haven't faded; they've just morphed. Wes Dobry of Agari discusses the new wave of these attacks and how organizations can do a better job of detecting and responding to them.
Makers of internet of things devices - especially those that handle health information - must implement protections into their product development lifecycle to effectively safeguard consumers' data, says regulatory attorney Elliot Golding.