Cybersecurity is not a numbers game. When it only takes a single breach to inflict serious damage on your business, defending against the majority of attacks isn't enough.
Kaspersky Lab recommends focusing on prevention and mitigation of advanced threats. Our Global Research and Analysis Team (GReAT) wants to help...
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Virtualization and related developments bring significant changes to the architecture of today's data centers. At RSA Conference Asia Pacific & Japan, Cisco's Munawar Hossain defines these changes and outlines the new challenges.
An unconfirmed post-breach report for bitcoin exchange Bitstamp shows the organization was targeted by a sustained attack that combined phishing via email and Skype with macro malware to successfully steal almost 19,000 bitcoins, worth $5 million.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
To better secure enterprise networks, as well as detect and respond more rapidly to data breaches, businesses need to know the who, what, where, when and why of all endpoints that connect to network resoruces, says ForeScout's Sandeep Kumar.
In light of what is being called one of the largest breaches in U.S. government history at the Office of Personnel Management, every agency needs to be asking if their investments in data security are being managed appropriately. In absence of an appropriate risk-based approach, agencies can invest significant...
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.
When IBM unveiled BIOS - Basic Input/Output System - in 1981 with the introduction of its personal computer, few perceived it as a security threat. But now, NIST has issued a new guide to mitigate BIOS vulnerabilities in servers.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
As Congressional leaders look for answers about why U.S. card security is failing, there hasn't been enough discussion surround why EMV can't easily fix our system. And the card brands have been conspicuously absent from the debate.
When it comes to endpoint security, large organizations find themselves in a difficult situation. Most enterprises have host-based security software (i.e., antivirus software) installed on almost every PC and server, yet their IT assets are constantly attacked - and often compromised - by sophisticated malware and...
Five years ago, life was much easier for security professionals. They could collectively focus on compliance and deploy mature controls like firewalls and anti-virus to defend against largely unsophisticated attackers. Security professionals now face much more sophisticated adversaries and tactics. This new
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.