As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
The automated version of the IT risk management and governance framework should save project leaders 30 to 60 hours of work over a manual process of building a secure IT system, ISACA President Robert Stroud says.
The social media savvy Islamic State frightens most of the world with its gruesome Internet postings of executions and online recruitment of new Jihadists. But is the terrorist group likely to launch cyber-attacks?
Apple's advice to always use strong passwords and two-factor authentication ignores that image hackers are bypassing those controls - and celebrities aren't the only victims. Here's what needs to change.
Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Third-party risks and the Fed's plans for emerging payments will be highlighted at ISMG's Fraud Summit Chicago on May 14. How banking institutions and retailers are expected to respond to new risks posed by external parties will be a focus for our keynote panel.
Cloud-based advanced threat protection helps organizations detect sophisticated malware that is able to bypass existing security measures. The key is to start with the premise that the network is already infected, says Seculert's Dudi Matot.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.