Data Leakage Prevention
While Global Payments investigated the breach of its North American processing system, it turned up another intrusion, this one impacting merchants.
Following the theft of a computer at Sutter Health in October that put the personal information of more than 4.2 million patients at risk, 11 class-action lawsuits were filed against the Sacramento, Calif.-based nonprofit.
DLP solutions remain fairly immature, but the need to protect and monitor sensitive information is greater than ever.
A thief broke into a doctor's car and stole a briefcase containing a flash drive that held personal data on patients of University of Miami Miller School of Medicine.
With the holidays right around the corner, expect many workers to soon be returning from their breaks with shiny new personal devices, like an iPad, in hand -- and wanting to connect them to the corporate network. IT departments must have a response plan in place.
The unencrypted data of 4.2 million Sutter Health patients went missing last month, and now the health care providers faces legal action.
While the nation's economy remains in the tank, the information security market appears to be avoiding a major slowdown.
Organizations must accept that they have been compromised by attackers and apply some personal craft to limit the damage, two security experts said during a panel Wednesday at SC Congress New York.
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
HTC plans to release a patch after a "short" testing period, the company said Tuesday.
The answer is "no," but that doesn't mean security professionals are hopeless in defending their networks against politically minded intruders. Not to mention, you have more in common with them than you might think.
If we didn't care about who sees, damages or alters our data, we wouldn't need to waste millions of dollars on the tools of our trade, says Peter Stephenson, technology editor.
In a conversation with SC Magazine Executive Editor Dan Kaplan, Steve Livingston, principal of Deloitte Enterprise Risk Services, chronicles how people, processes and technology can combine to create a robust risk framework that achieves buy-in from senior management.
The PCI Security Standards Council on Tuesday released "PCI DSS Virtualization Guidelines" to update credit card payment security to the age of cloud computing.
With the April 18 tax deadline looming, security isn't top-of-mind for the employees in your finance, audit and operations departments.
Dust off your company's risk assessment process and make sure it is up to date because this is where your approach to defending against a WikiLeaks type of threat is going to start.
Data leakage prevention (DLP) is garnering a lot of attention as a cure-all for risk management.
Tools that better classify data, provide deep-packet inspection and offer risk management for organizations migrating to the cloud are three solutions areas ready to make their mark in the security industry, predicted a panel of CISOs on Tuesday.
When guarding against data breaches, organizations must consider the security postures of their closest partners, such as law firms and cloud providers.
Federal departments and agencies that handle classified data are required by Jan. 28 to complete an assessment of the safety measures they have in place to protect national security information, an effort prompted by the leak of confidential U.S. documents by whistleblower site WikiLeaks.
It is important for organizations to consider the basics if they want to avoid the leakage of sensitive information.
Trusting no one may soon become the new mantra in IT security, given the leak of sensitive U.S. diplomatic cables.
The federal government is moving quickly to deploy new security measures in light of the leak of hundreds of thousands of classified U.S. documents by whistleblower site WikiLeaks.
Organizations must consider the entire lifecycle of data, even when in hardcopy form, when implementing a security strategy.
The personal information of Delaware state retirees was included in a request for proposal that made its way onto the state's website for five days before it was discovered and removed.
Drivers such as compliance and insider threats are helping to keep information security budgets at financial institutions alive and well, according to a new study.
Organizations may want to second-guess a more restrictive strategy on website access and settle on a more pragmatic approach.
SC Magazine reporter Angela Moscaritolo interviews Eduard Goodman, chief privacy officer of Identity Theft 911, who says businesses are slow to develop policies for mobile device use, and smartphones can be the cause of many breaches.
Microsoft has disclosed a zero-day vulnerability in SharePoint after a Swiss security firm released details about the threat, which can be leveraged to siphon sensitive data from business users.
Sign up to our newsletters
SC Magazine Articles
- Popular adult website XTube compromised, delivers malware
- Android vulnerability leaves apps open to malicious overwriting
- One in three of the top million websites are 'risky,' researchers find
- Orgs predict $53M risk, on average, from crypto key, digital cert attacks
- Hanjuan Exploit Kit leveraged in malvertising campaign
- Report: 71 percent of orgs were successfully attacked in 2014
- Self-deleting malware targets home routers to gather information
- 'PoSeidon' point-of-sale malware targets payment card information
- Amedisys notifies nearly 7,000 individuals of potential breach
- Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014
- The best defense is a good offense: The importance of securing your endpoints
- British Airways says rewards accounts hacked, locked down
- Documents on NSA's zero-day policy provide little insight, EFF says
- GitHub on DDoS alert, efforts to curb its largest attack continue
- Shadow data: The monster that isn't just under your bed