Researchers at KnowBe4 sent simulated phishing messages to more than 3,500 small and midsized enterprises and found that recipients at nearly 500 companies clicked on a link contained in the message.
Security awareness training programs should be an essential part of information security endeavors, a security professional said Thursday at SC World Congress in New York.
Due to strained budgets, some IT departments are cutting funding for technologies that would help mitigate threats they are most concerned about, according to a survey from RSA Conference, released Wednesday.
Researchers are set to discuss a wide range of topics at the annual Black Hat conference.
One respected security researcher wants to legalize the hacking of federal government and military websites -- and he wants everyone to hear him out.
In an inadvertent security breach, a document that detailed information on nuclear sites was posted on the Government Printing Office's website.
Federal agencies continue to be lax in their implementation of information security programs, according to a new report from the Government Accountability Office.
Companies should consider merging physical and information security into a converged program -- it might be challenging but it will be worth it.
Customer education and a holistic security strategy are the best approaches to fight fraud within the financial services community, a panel of experts said Wednesday at the RSA Conference in San Francisco.
A new program is encouraging information security experts to educate school children about how to protect themselves online.
Management increasingly is recognizing security as a top business priority, which is resulting in higher budgets for some organizations despite the economic slowdown, according to a new survey.
Despite being aware of the importance of security, small-to-medium-size businesses (SMBs) generally are not protecting their networks, according to a survey released Thursday by Symantec.
Web application security spending is expected to either stay flat or increase, according to the first quarterly Security Spending Benchmarks Report published Thursday by the Open Web Application Security Project.
Vulnerabilities in web applications made up 80 percent of all web-related flaws in the second half of 2008 and rose in prevalence by about eight percent from the first half of the year.
The world is more interconnected than ever before, so security pros have opportunities to make a difference in their enterprises, a former White House cybersecurity adviser told a group of CSOs.
A new report released this week by the U.S. Senate's Homeland Security and Governmental Affairs Committee calls for a concerted national effort to overcome cybersecurity threats to the United States.
Companies around the globe are recognizing the second annual Data Privacy Day on Wednesday with seminars and other events aimed at educating users and generating discussion around the topic.
NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentially of personally identifiable information.
A simulation this week demonstrated the need for better collaboration among public and private security groups.
The former Connecticut substitute teacher who was accused of exposing middle-school students to internet pornography has avoided prison time and a new trial.
Security professionals weigh in on what may have caused the most recent high-profile personal account breach -- this one involving French President Nicolas Sarkozy.
Hotel guests across the country could be connecting their laptops to an insecure connection, a new study concludes.
The movement to create secure software received a boost with the launch of a new certification from (ISC)2, called the Certified Secure Software Lifecycle Professional, designed to validate secure software development practices.
Advanced degrees in information security are popping up with increasing frequency, but are they worth the time? Cynthia Phillips at Brandeis says yes, reports Dan Kaplan.
Information security pros neither face wage boons nor badlands this year, reports Illena Armstrong.
The deadly twisters that ripped through Kansas this week and the historic floods sweeping across the Upper Midwest will soon give rise to donation scams and malicious attacks, the SANS Storm Center warned on Friday.
Three months after an unencrypted backup tape goes missing, 4.5 million Bank of New York Mellon customers are notified their identities may be at risk.
An easy-to-fix -- but often overlooked -- problem most likely took the National Security Agency's website and its mail services down for six or seven hours on Thursday.
The National Security Agency (NSA) on Thursday announced that 10 new colleges have been designated National Centers of Academic Excellence in information assurance.
IT security vendors' sole purpose is to generate revenue -- not offer complete security -- and they will only create solutions to stop dangerous threats when they are incentivized to do so, the principal security strategist for IBM Internet Security Systems said Wednesday at Interop in Las Vegas.