Outdated policies, lax regulatory oversight and bureaucracy have stunted more advanced cybersecurity investments at some organizations that provide the nation's critical infrastructure, says Brian Harrell, the former director of critical infrastructure protection at the North American Electric Reliability Corp.
Today's cybersecurity industry is far too focused on keeping bad guys out, says Chris Pierson of Viewpost. Organizations need to pay more attention to keeping data inside the enterprise, he says, describing how to make the shift to a focus on limiting exfiltration.
By some estimates, 70 percent of enterprise data still resides on the mainframe. That means mainframe security needs to be a hot-button cybersecurity issue, says Chip Mason of CA Technologies.
The latest ISMG Security Report focuses on evolving Russian cyber threats, including manipulating hacked documents as part of a disinformation, cyber-espionage campaign.
A recent speech by a health insurance company executive is stirring up debate about whether a patient's privacy can be violated even if the patient's name is never revealed.
Electronic health records software vendor eClinical Works has agreed to a $155 million lawsuit settlement that puts a spotlight on data integrity issues, a critical component of security.
It's a tried and true military tradition: ISR, or Intelligence, Surveillance and Reconnaissance. But the practice is gaining traction in enterprises as well, and especially within cybersecurity, says Christopher Cleary of Tenable Network Security.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
White House Office of Management and Budget Director Mick Mulvaney has issued a memorandum to executive branch agencies on how they must adopt the NIST cybersecurity framework as a means to manage IT risk.
Samy Kamkar became everyone's virtual friend in October 2005. His MySpace worm is still the most potent one ever unleashed on a social network, but it was just the start of a prolific hacking career.
In an in-depth interview about a new study that identifies thousands of vulnerabilities in cardiac devices, security researcher Billy Rios calls on manufacturers to more carefully consider the compromises they make in balancing the usability benefits to patient care versus the cybersecurity risks.
Two security researchers are attempting to crowdfund a recurring subscription fee to Shadow Brokers' monthly exploit dump club in hopes of helping to prevent or blunt future outbreaks of the WannaCry variety. Cue ethical debate.
Businesses are suffering from an influx of too much security technology packaged into too many solutions offered by too many vendors, says former RSA Chairman Art Coviello, who claims the proliferation of products isn't helping improve cybersecurity.
A cyber-espionage campaign apparently linked to Russia has targeted more than 200 people in 39 countries and leaked victims' stolen information - sometimes in altered form - as part of a disinformation campaign, according to privacy researchers at Citizen Lab.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.