WH Smith has had to apologise for leaking personal information about its customers to hundreds of other customers in a contact form malfunction.
Demonstrating compliance with PCI DSS is far from a trivial exercise. Are you sure you can document your organization's compliance with the new 3.0 standards?
On average, it took compromised organizations over 200 days to detect attackers once they had penetrated the network. How long would it take your organization?
The promise of SIEM is clearly an essential one - aggregate, correlate & analyze all of the security-relevant information in your environment.
While some instances of Stuxnet and Duqu found their way into seemingly unplanned locations, the majority of occurrences were localized to targeted systems.
Personnel announcements, acquisitions and other news from Information Systems Security Association, Tenable Network Security, PhishMe, eIQnetworks, McAfee and several other companies.
This month's threat of the month is anti-virtualization malware which automatically activates on a system boot-up.
Personnel announcements and M&A activity from Sophos, PwC US, NetSecurity, and others.
David Balcar, security adviser practice manager at Novacoast discusses various aspects of his job.
If there's one threat in information security that's difficult to prevent, it's the insider threat. But there are ways in which your organization can minimize the risks.
When it comes to insider threats, we often focus on implementing technologies and auditing at the endpoint, but it's the user behavior that we have to get a better grasp of.
There may be no silver bullet to detect or prevent insider threats, but there are sophisticated technological solutions that can help.
The personally identifiable information found on social networks are a gateway for hackers to get access to the heart of the information they truly desire.
When it comes to customer service in the industry, Centrify believes they're the best, and hope to prove it with a win at the SC Awards.
Phishing is at an all time high, but Axway believes its email security solution is the answer. They're looking to take home a big award at the upcoming SC Awards.
At the upcoming awards show in San Francisco, Lancope hopes to take home a big award.
At the upcoming 2013 SC Awards US, Porticor hopes to take home the Best Cloud Computing Security award.
With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy businessperson.
The Cybersecurity Act of 2012 was defeated in the Senate, FinFisher spyware analyzed, nation-state-created espionage malware Gauss, and other breaking security news
The status quo can be managed, but it requires a different capital investment profile than the one that most organizations are using today.
Connecting to a host of different networks across the country could result in potential security vulnerabilities, but closing security loopholes too often results in slow or blocked connections.
Tried-and-true phishing scams continue to win a psychological game with victims, and have hit Canada particularly hard.
Industrialization is a key factor driving the rate at which criminals are turning to malicious software to make serious money.
LinkedIn's 2Q earnings call reveals that the company spent between $500,000 to $1 million on forensic work surrounding a recent data compromise.
SC Magazine catches up with Qualys chairman and CEO, Philippe Courtot, at this year's Black Hat conference in Las Vegas to discuss the challenges industry professionals face today.
SC Magazine catches up with Marcia Hofmann, senior staff attorney at the Electronic Frontier Foundation, who provides some legal guidance for researchers in the industry.
Industry professionals must update and continue to adapt their security tactics, according to an expert at this year's Black Hat conference in Las Vegas.
The FTC has made major moves this year in its fight against cyber crime, and if enterprises and organizations aren't careful, they may be facing a team of the agency's investigators.
Global companies facing a slew of regional laws, as well as small and midsized companies required to meet regulatory demands, need governance, risk and compliance solutions.
Companies tout their privacy measures, but ensuring protection requires more than lip service.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users