DDoS attacks on U.S. banks and credit unions have resumed, just as industry experts predicted. Security specialist Bill Stewart says this wave is yet another sign that institutions must bolster defenses.
In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
Intelligence is helping organizations not only detect and prevent intrusions, says Mark Wood of Dell SecureWorks. It's also helping them identify they've been targeted for an attack in the first place.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
Most organizations have more data than they know what to do with, much less understand how they can use that data in a meaningful way, say NopSec's Lisa Xu and Steven Leonard. Having the ability to aggregate that data is key.
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.