An alert issued - and then yanked - by the FBI about fraud vulnerabilities linked to EMV chip cards is reigniting the debate between bankers and retailers over whether EMV in the U.S. should be chip-and-PIN or chip-and-signature.
Two final rules for the HITECH Act electronic health record incentive program strongly emphasize the value of risk assessments and encryption as measures for safeguarding patient information. Here's an analysis of the details.
BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
President Obama, in reaching any type of cybersecurity accord with Chinese President Xi Jinping, should borrow from the diplomacy he used to reach the Iranian nuclear agreement: Get the best deal possible and then distrust but verify.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
If there's one thing federal regulators want to drill into the heads of covered entities and business associates about data breach prevention, it's this: Stop procrastinating, and conduct a risk analysis and encrypt most of your computing devices right away.
A controversy over the University of Oregon's handling of a student's mental health records is building momentum for reforms in a regulation that allows schools to use, and in some cases disclose, certain education records of students without their consent.
The FDIC says cybersecurity is a business continuity issue. So it's offering banks a series of videos and exercises to help them address key threats, including account take-over, malware infections and other risks related to third parties.
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Just two weeks after an international, FBI-led operation disrupted the notorious hacking forum Darkode, leading to 70 arrests, a supposed site administrator has claimed the forum will reboot on the "dark Web." But security experts question those claims.
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.