Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
An organization's security is only as strong as that of its partners, says Mandiant Director Charles Carmakal, who offers insight on common attack trends emerging from recent data breach investigations.
A year after LinkedIn confirmed its network had been breached, reportedly exposing 6.5 million hashed passwords, the social media company is offering users the option of adopting two-factor authentication.
What can U.S. and European organizations learn from Asia-Pac about advanced mobile tech and increasing cyberthreats? That's a question I hope to answer while in Singapore for RSA Conference Asia Pacific 2013.
Attacks aimed at mobile devices are progressing much more rapidly than any attacks ever waged against PCs. Organizations are in danger if they don't pay attention, says anti-phishing expert Dave Jevans.
Breaking into the IT security field - a male-dominated profession - is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she had to overcome and offers strategies for women to grow in their careers.
If everyone supports the idea of sharing cyberthreat information, then why is information sharing so difficult? Shawn Henry, a former investigator with the FBI, tells how organizations can clear their biggest hurdles.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."
As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention from fraud professionals, says the council's Jeremy King.
Homeland Security's inspector general office sees significant improvements in cyberthreat information sharing between the government and the private sector. But the IG says more must be done. Here's why.