Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
While some healthcare organizations are quickly rolling out privacy and security policies for employee-owned mobile devices, others are moving slowly. What BYOD tips do healthcare security leaders offer?
PNC and Wells Fargo both reported only minor disruption from online traffic surges on Dec. 20. Has the strength of DDoS attacks subsided, or are banks getting better at defending against these strikes?
CISOs' top three priorities for 2013 are emerging threats, technology trends and filling security gaps, says RSA CISO Eddie Schwartz. But what new strategies should leaders employ to tackle these challenges?
House Cybersecurity Caucus Co-Chair Jim Langevin sees the new International Telecommunication Regulations, approved in Dubai earlier this month over the objections of the U.S., as a veiled threat to suffocate Internet freedom around the world.
The arrest of 10 individuals allegedly tied to a global phishing scheme that exploited Facebook is good news. But experts say banking institutions need to push stronger security and authentication to protect accounts.
Hacktivists announced Dec. 18 that they planned yet another round of distributed-denial-of-service attacks against five U.S. banks. Wells Fargo confirmed its online banking site experienced outages throughout the day.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
Online outages affecting leading U.S. banking institutions continued Dec. 12, but only U.S. Bank confirmed its site issues were linked to a distributed-denial-of-service attack. Meanwhile, FS-ISAC outlined precautions institutions should take.