A third data breach affecting TalkTalk has prompted sharp questions from U.K. public officials about whether stronger breach notification laws and breach-related penalties might help prevent more such incidents from occurring.
Despite the focus on external cyberattacks, insider attacks are almost as common and can potentially cause significantly more damage, says Michael Theis of Carnegie Mellon's CERT Insider Threat Center. In a video interview, he describes how science-based models can help organizations fight the battle from within.
Cloud Access Security Brokers are the flavor of the season in cloud security. The value proposition is immense - enabling the enterprise to extend and enforce policies beyond the perimeter effectively. Let's take a closer look.
HP has agreed to sell its intrusion detection and prevention software unit TippingPoint to security vendor Trend Micro for $300 million. But analysts say Trend Micro faces stiff breach detection and incident response competition.
Someone green-light this drama: Sony, after suffering a massive data breach that led to the leak of personal information and embarrassing corporate emails, has agreed to a data-breach settlement worth up to $8 million.
Although cybesercurity awareness is growing in India, the nation is not making all the right moves, says Dinesh Bareja of the OpenSecurity Alliance and India Watch. Even as threats evolve and multiply, old challenges remain and are making themselves more keenly felt, he argues.
Attributing cybercrime to specific criminals is becoming increasingly critical, says Eward Driehuis of threat intelligence firm Fox-IT. Using the elusive Dridex campaign as an example, Driehuis explains in this video interview how many malware attacks are interconnected.
Apple has removed hundreds of apps from its App Store for violating its user-tracking guidelines. Chinese mobile advertising firm Youmi has issued "sincere apologies" for the tracking behavior and promised to compensate affected developers.
Dow Jones has dismissed a competitor's report, which claims that attackers operating from Russia hacked into the company's servers and stole sensitive financial information for insider-trading purposes.
EastWest Institute's Bruce McConnell says cybersecurity is not a technology problem, but a matter of risk management. And varied factors are involved in developing a cybersecurity ecosystem as part of the Digital India program.
A curious case of fraud has come to light at Kotak Mahindra Bank, where fraudsters misused credit cards that the bank says it never issued. What will investigations reveal about how fraudsters accessed this data? Who is liable?
Unprecedented levels of collaboration among targeted financial services firms enabled the international law enforcement operation that disrupted the Dridex botnet, security firm Fox-IT says. Now, can that model be repeated going forward?
Dr. A S Ramasastri, IDRBT's director, says the enterprise security leader's office needs to be strengthened and empowered to tackle new threats and growing cyber espionage with an appropriate risk-based strategy.
FBI Director James Comey's declaration that the Obama administration will not pursue legislation to require vendors to create a backdoor that would permit law enforcement to circumvent encryption on mobile devices isn't the end of the matter.