Too many organizations fail to adequately manage and secure their SSH keys, even though the keys secure everything from file transfers and backups to patching and database management, NIST warns in new draft guidance.
A Twitter chat featuring Gartner's Avivah Litan offered a lively discussion of numerous fraud-related issues, including card breaches, weak authentication and the need for mobile scrutiny. We'll host more chats soon.
Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.
Early reports suggested Russian hackers are behind complex attacks and network intrusions at multiple U.S. financial services firms, including JPMorgan Chase. But security experts warn against jumping to conclusions, based on scant evidence.
Russian hackers stole data from JPMorgan Chase and at least one other bank in a mid-August attack against the U.S. financial system, according to a Bloomberg news report. The attack allegedly resulted in the loss of "gigabytes" of sensitive data.
In an in-depth interview, Adam Sedgewick, the point man for the NIST cybersecurity framework, addresses misconceptions about the guidance, the costs to implement it and its role as a marketplace catalyst.
The IAPP has launched a new privacy certification designed for IT, security and engineering pros. What are the key elements of this new program? JC Cannon, a privacy author and educator, shares details.
What lessons can be learned from recent high-profile breaches? IT security experts John Pescatore of the SANS Institute and Ron Ross of NIST explain how organizations can work to mitigate the new-style data breach threat. Listen to the conversation.
Security intelligence firm LogRhythm has launched what it calls a "threat intelligence ecosystem" in collaboration with five other security vendors, giving customers the ability to customize the information they want in their intelligence feeds.
A proposed German cybersecurity law would require critical infrastructure organizations to disclose all significant security incidents. Legal experts say the proposal signals Germany's attempt to take a leadership role at the EU level.
Financial institutions feel the pain of recent retail breaches, and they seek new ways to secure payments and fight fraud. But how can security leaders influence changes within their own organizations?
White House Cybersecurity Coordinator Michael Daniel is under fire for perceived 'bragging' about his lack of technical expertise. But was Daniel, in fact, bragging? And is he off base in saying his job doesn't require deep technical experience?
As more organizations accommodate employees' demands to use mobile devices, ensuring the security of the applications on those smart phones and tablets has become critical. That's why NIST is developing new apps testing guidance.
As UPS Stores reveals that 51 of its locations were infected with POS malware, a restaurant in New Orleans confirms its POS system was breached using Backoff - malware about which federal authorities recently issued a warning. Experts offer analysis.
Michael Daniel explains that among his biggest challenges as special assistant to the president is fully understanding the economics and psychology behind cybersecurity, topics that few people have mastered.