Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says.
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
Canonical Ltd., a British company that offers commercial support and services for the popular Ubuntu Linux open source operating system, is investigating a hack of its GitHub page over the weekend. The source code for the system was not affected, the company says.
Britain's privacy watchdog has proposed a record-breaking $230 million fine against British Airways for violating the EU's General Data Protection Regulation due to "poor security arrangements" that attackers exploited to steal 500,000 individuals' payment card data and other personal details.
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.
When it goes into effect in 2020, the California Consumer Privacy Act will give citizens of that state greater control over their personal data. Ginger Armbruster, the chief privacy officer for the city of Seattle, believes this trend toward greater personal privacy will spread across the U.S.
For years, security leaders focused primarily on malicious insiders - those who intend to do harm to an organization. But CISOs are increasingly concerned about the accidental insider. And Anne-Marie Scollay of Axiom Law has a program targeting this growing threat.
Critics say blockchain is a technology looking for a purpose, but Microsoft's David Houlding says organizations are using blockchain today to validate identities and to help prevent fraud. He shares use cases and emerging best practices.
HSBC paid a record $1.92 billion fine for money laundering violations in 2012. But no one ever went to jail for the crimes. Whistleblower Everett Stern discusses lessons learned from the case and the concept of "too big to jail."
Increasingly, regulators are looking to hold individual executives accountable for data breaches. This is where attorney Aravind Swaminathan steps in to represent security leaders in legal actions. What are the potential liabilities?
New regulations are leading enterprises to rethink how they secure customer data. At the same time, businesses are subject to more risk from their third-party partners. Chis Niggel of Okta explains how these two trends are complicating enterprise security.
A major challenge in ensuring medical device security is tracking all of these devices, says Safi Oranski of CyberMDX, who offers a review of other critical issues.
Many types of cyberattacks are undetectable by conventional security technologies, which places applications at risk, says Franklyn Jones of Cequence Security, who shares his company's latest research on this topic.
Enterprises need to consider ethical guidelines when creating new types of artificial intelligence and machine learning, says Diana Kelley of Microsoft, who explains how companies can create responsible new technologies.
The California Consumer Privacy Act likely represents the start of a new era of privacy laws designed to protect personal data, says Kelsey Finch of the Future of Privacy Forum.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.