The U.S. regulation that forbid ISPs from selling information about web activity without a customer's permission is gone. But it's still possible to maintain privacy on the Web even if prying eyes are watching.
Google has run out of patience with Symantec's digital certificate business. It has outlined a plan that over time will have its Chrome browser reject all of Symantec's existing digital certificates and force all of its future certificates to be reissued every nine months.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
Acknowledging the urgent IT security challenges the nation faces, a cybersecurity commission named by President Barack Obama encourages the incoming administration to adopt some of its recommendations in the first 100 days of Donald Trump's presidency.
A checkbox approach to security, focusing on narrow compliance issues, does little to help ensure patient data remains secure. Healthcare organizations must create a practical action plan to accomplish many goals, such as ensuring endpoints are secure, minimizing the risk of breaches, and reducing stakeholder...
The healthcare sector is a prime target for hackers due to the value of medical records offered for sale on the dark web and the industry's struggles to develop and carry out effective data security strategies. In addition, many organizations rely on the services of third parties that may also lack adequate security...
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
While the push for security in regulated industries is compliance driven, it's essential for organizations to also develop security strategies based on business risks, says A. Shiju Rawther, head of infrastructure and security operations at a leading credit-rating bureau in India.
The surge in data breaches and the pervasiveness of malware, especially ransomware, has led to a surge in security technology startup firms, which makes it much tougher for CISOs to choose the right business partners in the overcrowded marketplace, argues Raimund Genes, CTO at Trend Micro.
The next president of the United States should establish a cabinet position focused on cybersecurity, and Congress should create a more focused approach to funding and authorizing IT security initiatives, says Larry Clinton, who heads the Internet Security Alliance.