Mark Weatherford, a former DHS cybersecurity leader, says the Office of Personnel Management neglected to take basic steps that could have helped prevent a breach that may have exposed the PII of 4 million current and former government workers.
This year's Infosecurity Europe conference in London - celebrating its 20th anniversary - decamped from Earl's Court to the glass-topped, 19th-century Olympia Conference Center, and featured more than 300 exhibitors and 200 speakers.
The Office of Personnel Management is notifying 4 million current and former federal government employees that their personally identifiable information may have been exposed by a breach of its IT systems that the government discovered in April.
Law enforcement officials estimate that fewer than 200 people in the world build the core infrastructure and tools relied on by cybercriminals who would otherwise lack such capabilities. What's the best way to stop them?
How does an advanced threat adversary operate for 10 years, undetected? FireEye APAC CTO Bryce Boland shares details of the decade-long APT30 campaign that targeted organizations in India and Southeast Asia.
Many security pros look askance at "cybersecurity." But Symantec's Sian John says the embrace of that term shows just how much senior executives are beginning to understand the risks their organizations face.
Assessing the risks presented by "digital business" - the new business designs that blur the digital and physical worlds - will be a theme at the 2015 Gartner Security and Risk Management Summit, says Andrew Walls, event chairman.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
NASSCOM and DSCI have launched a cybersecurity task force to help develop India as a global R&D hub. Experts question whether the sponsoring organizations have set the right agenda for this new entity.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
A new breach reported by Heartland Payment Systems won't get much attention. But this incident could be more damaging to the undisclosed number of consumers affected than was Heartland's 2008 payment card breach.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.