Are there rules in cyberspace? There aren't many, but Microsoft is proposing a "Digital Geneva Convention" that would set some internet norms for countries to help prevent unfair targeting of civilians.
Australia's Parliament has passed a mandatory data breach notification law that requires some organizations to tell consumers and regulators about an incident within 30 days or face hefty fines. But one security expert says the law has gaps that could pose risks.
Dan Holden, a cybersecurity researcher and technologist, has just taken on the new role of CTO and intelligence director at the Retail Cyber Intelligence Sharing Center. What top challenges is he addressing?
Gartner's Avivah Litan is just back from a trip to Israel, and she's particularly enthusiastic about the new topic of "offensive defense." What is the concept, and what security controls does it require?
The website of Saudi-based National Technology Group, an IT services organization, was spoofed by an advanced persistent threat group known as "NewsBeef'" that attempts to steal credentials and gain access to critical corporate information, according to a report by CERT of Saudi Arabia obtained by ISMG.
At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
The proposed creation of a CERT dedicated to serving India's financial sector is good news. But working out a realistic framework for its activities and defining its role in ensuring stronger security for the sector will prove challenging.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.
India's finance minister Arun Jaitley announced plans to form a separate computer emergency response team, CERT-Fin, for the financial sector, in his union budget speech to the Indian parliament - a move that has drawn a mixed response from security experts