Creativity and innovation give businesses a competitive edge. Some companies keep innovations as secrets, and because the secrets are of great value to those companies, they take steps to ensure the information is protected. A trade secret is a type of intellectual property, and it's often the key to competitive...
User education is vital to boosting the detection rate of phishing emails or social engineering scams that could lead to data breaches or ransomware infestations. Technology alone can't make websites or email inboxes safe since both are business-critical for all users, says ID Agent's Amelia Paro.
The shift to remote work introduced new security risks for Piedmont Healthcare since workers could no longer rely on the firm to protect their information. Employees need to understand the security issues associated with connecting to the network using personal devices, says CISO Monique Hart.
The Department of Health and Human Services faces "significant challenges" in protecting data and technology from cyberthreats and improving how its various related entities share large volumes of critical data, including public health data, a new watchdog report says.
The French data protection authority fined Discord 800,000 euros for privacy and security practices that violate the General Data Protection Regulation. Authorities said the fine might have been higher except that Discord's "business model is not based on the exploitation of personal data."
Despite the strategic priorities laid out by the Biden administration and initial indicators provided by the Department of Defense, it's unclear how the next national defense strategy will prioritize threats and define the primary role of the U.S. military. Chris Dougherty discusses cyberwarfare.
Iranian hackers used Log4Shell to penetrate the network of an unnamed federal agency where they stole passwords and implanted cryptocurrency mining software. Whether the Iranians were acting wholly on Tehran's behalf, on their own behalf, or both, is uncertain.
Soccer fans watching the 2022 FIFA World Cup live from Doha should think twice about installing two apps developed for the Qatari government, warn multiple European data protection authorities. The apps likely open the door to surveillance by authorities with a spotty human rights track record.
Complexity is the enemy of security, and information technology grows ever more complex. Have we created a problem space in computing so complicated that we will be unable to safely operate in it for its intended purposes? Fred Cohen says that's unlikely. He discusses managing risk in the future.
The U.S. Federal Trade Commission pushed until June 9 the date for nonbanking financial firms to follow cybersecurity mandates in the updated Safeguards Rule. The agency approved the update in a partisan vote in October 2021, imposing requirements such as a written information security program.
Twitter accounts that use SMS for two-factor authentication are at a heightened risk of account takeover with the disclosure that texting "STOP" to the verification service results in it being turned off. The vulnerability opens the door to a password reset attack or a password stuffing attack.
Apple, Google and Microsoft supported a new common passwordless sign-in standard, and a key Senate committee approved the Improving Digital Identity Act of 2022. How will these moves pay off in 2023? Identity security expert Jeremy Grant weighs in on trends and predictions for the new year.
The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
A U.S. federal district judge said users would be "shocked to realize" that Facebook collects patient data. Plaintiffs suing the social media giant asked the judge to enjoin the company from intercepting health data and communications through its Pixel web tracking tool embedded into patent portals.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.