TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
In an age of ubiquitous information sharing, it is critical to control how information is presented - and to whom. Lynne Courts of Seclore discusses new security strategies and solutions that address this need.
As organizations increasingly focus on securing critical data, they mustn't overlook one huge vulnerability: enterprise email. Steven Malone of Mimecast discusses the latest in unified email management.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
The consumerization of IT and the popularity of BYOD are jeopardizing the security and integrity of enterprise data. Seeking an easy way to share files across smart phones, tablets, and desktops, employees are using free public cloud file sharing services that lack rigorous security and audit controls. These services...
The healthcare industry never stands still - new treatments, technological advancements and now the final HIPAA Omnibus Rule are constant reminders of
how the industry is evolving.
The Omnibus Rule is changing patient privacy and data breach response, not only for healthcare organizations but for business...
The cost of a data breach or privacy violation goes far beyond compromised records to include hard-dollar expenditures for breach notification, credit monitoring, regulatory fines and legal fees. Not to mention the immeasurable cost of reputation loss.
To avoid these losses, security leaders are increasingly...
Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.