By applying analytics to user behavior, organizations can better prioritize the actual risks facing their business, thus helping cut through the sheer volume of security alerts they face daily, says Doug Copley, deputy CISO of Forcepoint.
Megaupload Founder Kim Dotcom plans to appeal a New Zealand High Court ruling that found him and three colleagues eligible for extradition to the U.S. The four men are charged with profiting by allowing the trade of copyright-protected content on their file-sharing platform.
Responding to disruptive data breaches, dealing with Mirai botnets, hacking back and the need for enterprises to segment their backup environments were just some of the topics dominating this year's RSA Conference in San Francisco.
Fooling hackers into giving up traceable information about themselves through "reflective" social engineering is helping researchers curb fraud losses and protect would-be victims, say Dell Secureworks researchers Joe Stewart and James Bettke.
A new website is now available for reporting medical device vulnerabilities, says Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, who explains how MD-VIPER works in this in-depth interview.
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
Federal regulators have signed a $5.5 million HIPAA settlement with a Florida-based healthcare system for breaches related to unauthorized employee access to more than 100,000 patients' information in a case that subsequently led to federal criminal charges.
This edition of the ISMG Security Report features updates from RSA Conference 2017 on emerging technologies, the forthcoming White House cybersecurity executive order and Microsoft's call for a "Digital Geneva Convention."
The threat landscape for financial institutions has changed considerably since the DDoS attacks of 2012. Rich Bolstridge of Akamai Technologies tells how the definition of "adequate cybersecurity" has also shifted.
Increasingly, security leaders want to migrate from disparate point solutions to integrated security platforms. Kevin Flynn and Ravid Circus of Skybox Security lay out the business and security benefits.
Entities across all industry sectors appreciate the need for ensuring secure relationships with their third-party service providers. Jasson Casey of SecurityScorecard discusses new solutions for achieving those secure relationships.