In the wake of the Hillary Clinton email controversy, organizations need to be more aware of the risks of unsanctioned "shadow IT" and take appropriate mitigation steps, says security expert Mac McMillan.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
Breach fallout continues to mount in the aftermath of a cyberattack on cloud-based electronic health records vendor Bizmatics, which apparently affected hundreds of thousands of patients. The saga highlights important security lessons for covered entities when it comes to dealing with business associates.
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.
In recent months, Cloud Access Security Broker solutions have emerged as a defacto, mandatory control. Which is better approach to CASB - proxy or API? Rohit Gupta of Palerra shares his insight and recommendations.
For its next move since jettisoning storage firm Veritas and becoming a pure-play security vendor, Symantec plans to buy network and cloud security firm Blue Coat from private-equity owners Bain Capital for $4.65 billion, gaining a new CEO in the process.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
Following the theft of $81 million from Bangladesh Bank, is it time for banks to make SWIFT money transfers less automated and better supervised and thus secure? An alleged scam from the days of telex machines and code books offers useful perspective.
Like last year's breach of the online dating site Ashley Madison - tagline: "Life is Short. Have an Affair." - this year's release of the "Panama Papers" is holding individuals accountable for actions which, if not always illegal, in many cases appear to have at least been unethical.
If you cast the Panama Papers leak in terms of class warfare, this isn't the first time that a faceless few have acted for what they perceive to be the good of the proletariat, in a bout of hacker - or insider - vigilantism.
At a time when workers use more apps than ever to do their jobs - and from more locations and devices than ever - traditional IAM is simply not sufficient, says David Meyer of OneLogin. Cloud-Based IAM is what organizations truly need.
The vast majority of cloud services today store - and manage - all related cryptographic keys for customers. But in the post-Snowden era, organizations that use cloud services must better control and lock down those environments, says WinMagic's Mark Hickman in this video interview.
Will the Fed support the use of cryptocurrency and related blockchain technology to help push the movement to faster payments? Experts at ISMG's Fraud and Data Breach Prevention Summit in San Francisco last week considered the possibilities.
The HHS Office for Civil Rights is moving too slowly in issuing HIPAA guidance related to mobile health apps, cloud storage and other emerging technologies, according to a bipartisan group of congressmen. Does OCR have too much on its plate?