Delaware has become the second state - the first was Connecticut - to require organizations to provide residents one year of free credit monitoring services if their sensitive personal information is compromised in a data breach. Will other states take similar action?
Could proposed legislation force manufacturers and healthcare entities to put more effort into bolstering the cybersecurity of medical devices? In an interview, cybersecurity expert Joshua Corman provides in-depth analysis on the movement to improve the state of medical device security.
Vendors that provide the U.S. government with internet-connected devices would need to ensure they can be patched, don't include hard-coded passwords that can't be changed and are free of known security vulnerabilities, according to a new, bipartisan Senate bill.
Australia's mandatory data breach notification law, which goes into effect next February, brings a host of new requirements. Gordon Hughes, an attorney and data protection expert, discusses what organizations need to be aware of ahead of its implementation.
A discussion on the latest happenings in the darknet marketplace leads the latest edition of the ISMG Security Report. Also, getting to the bottom of Russia's Democratic Party hack could be the ultimate goal of a lawsuit filed against the Donald Trump presidential campaign.
Who are the top security analytics (SA) providers, and what sets them apart? Forrester researched, analyzed and scored the 11 most significant SA vendors to help organizations evaluate their offerings.
Download this whitepaper and learn:
Who the top four leaders in the market are;
Why security and risk (S&R)...
For public sector agencies caught between the prohibitive cost of a formal security operations center (SOC) and the wholly inadequate protection from an informal SOC, there is a solution: building a SOC that automates as much of the work as possible.
Download this whitepaper and learn:
How automation can help a...
A public sector agency that makes use of security intelligence and analytics takes the burden off its OPSEC team. Powerful machine analytics can make associations among traces of evidence and identify security events much more quickly and efficiently than humans can. Automation enables you to respond to an incident in...
When a threat actor targets your environment, a process unfolds from initial intrusion through eventual data breach - if that threat actor is left undetected. The modern approach to cybersecurity requires a focus on reducing MTTD and MTTR, where threats are detected and killed early in their lifecycle, thereby...
A discussion that explores the predicament many information security managers face when deciding which security technologies to buy in a glutted market leads the latest edition of the ISMG Security Report. Also: An update on cyber flaws in connected vehicles and the latest from Infosecurity Europe.
New legislation calls for an overhaul of the federal government's software vulnerability disclosure policies following the ransomware outbreak that was fueled by the leak of a stolen National Security Agency cyberweapon.
The House of Representatives has passed the Modernizing Government Technology Act, which supporters contend could help improve the security of the government's information networks. "It will keep our digital infrastructure safe from cyberattacks while saving billions of dollars," says bill sponsor Rep. Will Hurd.
The figure sounds alarming, 60 percent of small companies went belly up within six months of a breach. And that stat was repeated several times by lawmakers as a House panel debated - and approved - a bill aimed at helping small businesses battle hackers. But is that number true?