Although restaurant chain P.F. Chang's has not yet confirmed a breach, several researchers say they believe the chain suffered a malware attack similar to those that compromised Target, Neiman Marcus and Sally Beauty.
Breaking down silos should help organizations mitigate vulnerabilities introduced into their systems from the information and communications technology supply chain, says the co-author of new guidance from NIST.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
A second economic espionage campaign has been tied to a Chinese military hacking team. But does that attribution help businesses, or just highlight security firms battling for government cybersecurity spending?
A new voluntary cybersecurity framework from the Bank of England is designed to help financial institutions in the U.K. identify vulnerable areas that could be exploited by a cyber-attack. Find out the details of the new program.
When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
Luxury retailer Neiman Marcus is searching for its first CISO following the company's major data breach last year. Security experts weigh in on the attributes of ideal candidates and offer advice for how they should tackle the job.
Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
The British government aims to increase uptake of five essential security controls at U.K. businesses, backed by third-party annual audits and a badge of compliance. Many government contractors must comply.
As the cybersecurity skills gap widens, and more jobs are left unfilled, three higher education institutions are implementing innovative programs to help build a pipeline of qualified information security professionals.
In the wake of the Heartbleed flaw, a researcher finds new weaknesses in OpenSSL that could be exploited to launch man-in-the-middle attacks, distributed-denial-of-service attacks and remote-code execution on millions of sites.