In the modern cybersecurity regime, it is no longer about whether or even if an entity will suffer a breach, but rather how it will respond. This session will focus on the roles and responsibilities of the Board of Directors and senior management in the prevention of and response to data security and privacy...
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders.
The Marriott hotel chain has announced its Starwood guest reservation database has been hacked, potentially exposing up to 500 million accounts. The unauthorized access to the database started in 2014, the company says.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.
So what's the mission of the newly launched Department of Health and Human Services' Health Sector Cybersecurity Coordination Center, and how will it function? HHS Deputy Secretary Eric Hargan explains the initiative and addresses top healthcare sector cybersecurity challenges in this in-depth interview.
Creating a cybersecurity incident response plan is a fundamental requirement of any cybersecurity program - and a requirement of many global regulations, including GDPR and PCI DSS. During this workshop, Troutman Sanders partner Ron Raether will discuss the benefits of table top exercises. He then will explain how to...
Over the past year, there's been a surge in so-called Magecart attacks, which involve payment card data being stolen from e-commerce sites via injected attack code. Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting.
Organizations can effectively rely on managed security services providers to take care of many tasks, but certain strategic security functions must be handled in-house, says Sid Deshpande, research director at Gartner.
The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.
How Susceptible are Users to Active Threats?
With phishing still the #1 entry point for cyber-attacks, your defenses need to focus on the most pressing threats: active phishing campaigns that are probing your healthcare organization.
This report breaks down the Top 10 threats, with metrics showing how well users...
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships. But the gang's marketing savvy belies shoddy code-development practices, security firm McAfee finds.
Google blames a bug in an API for its Google+ social networking service for exposing personal details of about 500,000 users' accounts, but says it doesn't believe the information was misused. The company was forced to acknowledge the March incident after it was reported by The Wall Street Journal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
