Two months after the OpenSSL flaw known as Heartbleed was discovered, remediation efforts have slowed. But several security experts laud businesses' rapid response to the threat, noting that they've installed related fixes more quickly than usual.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Banking institutions must improve how they analyze cyber-threat intelligence. But without better tools, security leaders can't adequately anticipate new attacks, says Greg Garcia, the new executive director of the FSSCC.
A global study conducted by data storage firm EMC to identify privacy attitudes worldwide found consumers in India are more willing to sacrifice privacy for online convenience than those in other nations.
A privacy activist's case against Facebook for allegedly sharing Europeans' personal data with the NSA in violation of EU data protection rules has been referred to the European Court of Justice for review.
The U.K. government's legal justification for spying en masse on British residents' online communications - Google searches, Facebook posts, Webmail - is questioned by privacy and Internet law experts as part of a case triggered by Edward Snowden's leaks.
Although restaurant chain P.F. Chang's has not yet confirmed a breach, several researchers say they believe the chain suffered a malware attack similar to those that compromised Target, Neiman Marcus and Sally Beauty.
Breaking down silos should help organizations mitigate vulnerabilities introduced into their systems from the information and communications technology supply chain, says the co-author of new guidance from NIST.
In recent days, three companies experienced distributed-denial-of-service attacks that resulted in significant website downtime. Find out how the organizations are mitigating the impact of the cyber-attacks.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
A second economic espionage campaign has been tied to a Chinese military hacking team. But does that attribution help businesses, or just highlight security firms battling for government cybersecurity spending?