In 2013, financial Trojans targeted more than 1,400 institutions in 88 countries - and these attacks are only growing. Symantec's Vikram Thakur tells how organizations can combat attackers in 2014.
Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
The new year's top trends in background screening can be summed up in two words: legal and compliance. Les Rosen of Employment Screening Resources offers expert tips for more effective screening.
To help reduce reliance on passwords, the FIDO Alliance is developing standard technical specifications for advanced authentication. Michael Barrett and Daniel Almenara of FIDO describe the impact the effort could have in 2014.
As a result of high-profile breaches, such as the Target incident, security is increasingly a board issue. What are the key topics security leaders should prepare to discuss in 2014? Alan Brill of Kroll offers his forecast.
2014 may well be the "Year of Security," and IT security pros must prepare now for new job demands. ISACA's Robert Stroud offers five New Year's resolutions to help prepare for 2014's security trends.
A preliminary version of the cybersecurity framework takes a too-broad approach to privacy, says security and privacy attorney Harriet Pearson. And that could result in fewer organizations adopting the voluntary security guidelines.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
The breach at Target stores that may have affected as many as 40 million credit and debit card account holders is a watershed moment that could greatly raise awareness of cybersecurity risks, says privacy attorney David Navetta.
Cyberthreats increasingly target mobile devices, and simple security measures could help end-users slash these incidents by 50 percent. This is the key finding of ENISA's new Threat Landscape Report, says Louis Marinos, the prime author.
While the U.S. migration toward EMV card technology may have been jolted by a July court ruling, Randy Vanderhoof of the Smart Card Alliance contends the movement toward EMV will accelerate in 2014.
Most fraud on the Internet is linked to unsecured identities, which is why a new global identification framework is needed, says Paul Simmonds, who heads a coalition working on a framework model.
Cybersecurity risks posed by inadequate IAM and IT asset management are mounting. Now the National Cybersecurity Center of Excellence has drafted guidance to address banking institutions' unique risks, says Nate Lesser, the center's deputy director.
Security analyst Doug Mackey says his discovery of a vulnerability in the Department of Veterans Affairs' VistA electronic health record system highlights the importance of software security testing.
Managers at all levels must understand their responsibilities in providing role-based cybersecurity training, says Patricia Toth, a computer scientist at the National Institute of Standards and Technology.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.