As the Cambridge Analytica scandal continues to unfold, Congress seeks answers from Facebook, calling on CEO Mark Zuckerberg to testify. Also in the latest edition of the ISMG Security Report: Is it possible to build a secure digital wallet for storing cryptocurrency?
We all know that our organization's data may exist on the dark web. Much like a dollar bill of any demonetization looks and feels basically the same, a $1 bill is not worth the same as a $50 or a $100, your organization's potential risk equates to how much your exposed data is worth.
So, how do organizations...
A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. Many of those targeted have connections to the South China Sea.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.
Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
Governing cyber risk does not have to feel like crossing a minefield. In this webinar, Andy Norton of Lastline provides insight into the the simple traps that organizations fall into, how to correctly estimate the probability of a data breach and how to ensure appropriate remediation of a threat takes place.
A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
To help identify and mitigate the next generation of Spectre and Meltdown speculative execution flaws in CPUs, Microsoft and Intel are offering researchers up to $250,000 if they share their discoveries as part of a coordinated vulnerability disclosure program.
Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case.
President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
The increasing number of organizations being hit by crippling mega breaches points to a deficiency in most standard endpoint security solutions. Today's evolving threat landscape requires that organizations not only employ next generation endpoint protection technology, but that they add an element of aggressive...
The Cyber Kill Chain model describes how attackers use a common cycle of methods to compromise an organization. IT security leaders can use this research to align security programs to adversaries and improve their ability to predict, prevent, detect and respond to threats.
Download this Gartner Report in which...
The U.K.'s National Cyber Security Center and Australian Cyber Security Center are using the "Have I Been Pwned" breach-monitoring service to centrally monitor for email addresses registered to government domains that appear in data breaches.