As cyber attacks continue to increase, IT departments continue to be challenged by older techniques, such as targeted phishing attacks, because the attacks bypass perimeter defenses and are difficult to prevent.
64 percent of more than 1,100 IT security executives believe that simply meeting cybersecurity compliance requirements, as opposed to striving for best practices, is "very" or "extremely" effective at preventing data breaches.
Two reports by a legal competitive intelligence group shed light on how perspectives are shifting among legal professionals.
Moody's will begin to place more weight on considerations related to cyber risks when issuing credit ratings, the agency announced in a report.
Dark web version of GitHub offers a place for developers to code controversial projects anonymously.
Network defense of the nation's critical infrastructure is sorely lacking, according to a report by the Government Accountability Office.
The Federal Communications Commission (FCC) dismissed a petition to require websites to honor "Do Not Track" requests.
Regulatory agencies in the U.S. are increasingly concerned by ransomware attacks against financial institutions. The Federal Financial Institutions Examination Council (FFIEC) published a statement warning financial institutions of an uptick in the "frequency and severity of cyber attacks involving extortion."
U.S. Department of State's Defense Trade Advisory Group (DTAG) met to discuss the classification of "cyber products" reportedly recommended against adding new "cyber products" to the munitions list.
New internet laws agreed by the European Parliament today have been branded as a threat to encryption by campaigners including British world wide web inventor Sir Tim Berners-Lee.
Millennial IT professionals who have worked at a single employer for seven years or more pose the greatest internal risk to their company's security, according to a report.
Criminals have figured out ways to 'hack' chip and pin cards, several years after University of Cambridge Researchers proved it was possible.
To bridge the gap between governance, risk and compliance (GRC) and IT security, organizations must adopt best practices that include automation, raising awareness and documentation, a panel of Industry professionals told an audience Tuesday at SC Congress New York.
The National Institute of Standards and Technology (NIST) unveiled two projects designed to secure email.
Symantec has discovered that unauthorized HTTP certificates were issued for Google webpages and terminated the employees who were involved in issuing the certificates.
This webinar will examine the business risks and regulatory compliance requirements associated with file transfers.
Comcast settles charges of unauthorized disclosure of details on 75,000 who paid for unlisted VoIP telephone service.
Internet service providers in Russia were ordered to block access to Wikipedia but efforts have been thwarted by HTTPs.
Demonstrating compliance with PCI DSS is far from a trivial exercise. Are you sure you can document your organization's compliance with the new 3.0 standards?
Nearly two-thirds of survey respondents believe their organization is a potential target for nation-state cyberattacks.
The Office of Management and Budget (OMB) proposed new cybersecurity guidelines earlier this week to help government agencies draft contracts with third-party groups.
Morgan Stanley dodged a bullet this week when the Federal Trade Commission (FTC) ruled the firm did not violate security protocols concerning a breach earlier this year.
Managing compliance and risk has become one of the most torturous assignments in the enterprise, particularly for those that must adhere to the ever-increasing challenge of industry, state and federal regulations.
The aviation authority instructed operators to take "interim action" to prevent loss of AC electrical power, until a software fix is available.
EMV, despite its security features over magnetic stripe cards, cannot prevent against "wholesale breaches of large numbers of credit card numbers," report authors said.
Sprint Communications has agreed to pay $15.5 million to the federal government for charging law enforcement agencies for surveillance upgrades.
NIST and NARA collaborated to produce the final draft of "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations."
Retired Senior Executive,CIA - Insider Threat Detection, Larry Knutsen, will review the evolution of U.S. policy on insider threats and what they mean to your organization.
A recent Verizon study found that regular testing of security systems was a compliance weak point for merchants.
Sarah Dahlgren, the New York Fed's head of supervision, announced that the bank had created a team dedicated to cybersecurity.
Sign up to our newsletters
SC Magazine Articles
- Skype targeted by T9000 backdoor trojan
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers