New comments from the CEO of Sony Pictures about the film studio's response in the aftermath of a massive cyber-attack highlight the need for all organizations to ensure their business continuity plans specifically address cyber-attack risks.
Once a file enters the network, we often lack the tools to monitor the file's behavior. In essence, using the point-in-time model, the security professional cannot retry the file for guilt or innocence.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
Enterprises need to think beyond malware, breaches and insider threats when assessing information security. Keeping hardware up and running - available - is a crucial aspect of securing essential data.
White House Cybersecurity Coordinator Michael Daniel is under fire for perceived 'bragging' about his lack of technical expertise. But was Daniel, in fact, bragging? And is he off base in saying his job doesn't require deep technical experience?
A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
It's hurricane season, but natural and man-made disasters can happen anytime. Unfortunately, healthcare organizations are often unprepared for how to rebound so their data operations continue to run smoothly and securely in the wake of a crisis.
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.