During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.
As hack attacks, such as the breach of Anthem Inc., become more common, it's more critical than ever for organizations to carry out an "adaptive defense model" to protect sensitive information, says Dave Merkel, chief technology officer at FireEye.
As a result of the explosive growth in worldwide use of smart phones, mobile malware will play a much bigger role in fraud this year, predicts Daniel Cohen, a threat researcher for RSA, which just released its 2014 Cybercrime Roundup report.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled. BitSight's Stephen Boyer offers insight.
Recognizing the behavior of an intruder, rather than relying on digital signatures, will prove to be a better way to prevent hackers from pilfering data and creating havoc in IT systems, says Radware CEO Roy Zisapel.
Data breaches are inevitable, hence it's up to executives to ensure their enterprise is secured, without trying to encrypt everything, warns Prakash Panjwani, president and chief executive officer of SafeNet.
Texas Chief Information Security Officer Brian Engle, like other CISOs, has voiced concerns that the state government didn't have sufficient staffers and managers with the right set of IT security skills. Engle, however, did something about it.
The increase in sophisticated hacking attacks will lead other sectors to follow the lead of the financial services industry in implementing multifactor authentication, says Ken Hunt, CEO of VASCO Data Security International.
The FBI has attributed the Sony hack to North Korea, in part by analyzing the messages left by the "G.O.P." attackers. But linguistics expert Shlomo Engelson Argamon says the messages appear to have been written by native Russian speakers.
Ninety percent of even the largest global firms are susceptible to targeted attacks. And if adversaries want to get in, they can, says Peter George, CEO of Fidelis Security Systems, who discusses new security strategies.