For any of the tens of thousands of organization that may be smarting from this week's Amazon Web Services and Simple Storage Solution (S3) outage, take the following advice to heart: "You must kill your darlings."
The Reserve Bank of India has mandated that all banks must report all unusual cyber incidents within two to six hours to enable issuing suitable cautionary advisories to other banks. Experts discuss the challenges financial institutions will face in complying with the new requirement.
Déjà vu "smart toy" information security fail: Spiral Toys, maker of internet-connected CloudPets, is under fire for exposing 821,000 user records online - now being ransomed - as well as links to 2.2 million parents' and children's voice recordings.
ISMG's Fraud and Breach Prevention Summit Mumbai featured information security leaders addressing such issues as breach response challenges, cybercrime trends and security technologies and services new to the Indian market, including analytics, threat intelligence and cyber insurance.
The Russian government appears to be doubling down on its information warfare success to date, publicly confirming that it has a "cyber army" designed to wage psychological operations and propaganda campaigns. While there are defenses, too few are using them.
What did Yahoo executives know about multiple data breaches and attacks that the company suffered, and when did they know it? Those questions have continued to dog Yahoo as it negotiates its sale to Verizon for the now-discounted price of $4.5 billion.
The agency that enforces HIPAA is urging healthcare organizations and their business associates to ramp up their efforts to share information on cyber threats as part of a broader effort to develop more mature information security programs.
Our objective, as the industry's largest global media organization, is to bring you the most important bits from the conference, whether you attended the event or are experiencing the content now for the first time. Call this the Best of RSA Conference 2017.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.
New ransomware circulating via BitTorrent is disguised as software that purports to allow Mac users to crack popular Adobe and Microsoft applications. Separately, new ransomware calling itself Trump Locker appears to be the previously spotted VenusLocker ransomware in disguise.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
At the request of German authorities, British police have arrested a suspected hacker involved in last year's disruption of 1 million Deutsche Telekom customers' routers via Mirai malware, which targets default credentials on internet-connected devices.
For anyone who's worried about the rise of quantum computers and the risk that they could be used to crack modern, public-key crypto systems, leading cryptographers at the RSA Conference 2017 delivered a clear message: For now, do nothing.
Verizon will pay $350 million less for Yahoo than it first offered because the deal subsequently became tainted by three data breach disclosures. Yahoo's lower value is a study in how data breaches can impact big business transactions.
Increasing regulatory oversight is overwhelming smaller banks and credit unions, pushing them to continue to focus more on compliance than overall cybersecurity and resilience, says Sean Feeney, CEO of Defense Storm.