The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
In new guidance from the PCI Council, its leaders outline why businesses that handle card data need to address employee education. Here, experts explain why this guidance is a positive step for card security.
Symantec's capture the flag event puts white hat security professionals into black hat shoes to help them better understand their attackers. How did the latest participants fare? What gaps were exposed?
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
An important lesson to learn from the massive JPMorgan Chase breach is that banks can't just focus on protecting card data and online banking accounts; they also must protect their customers' personally identifiable information.
The Modi government's "Jan Dhan Yojana" is ambitious, and security concerns are vast. Awareness, complexity and scope must be addressed, says Pervez Goiporia, vice president, IDM development, at Oracle India.
A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
Banking institutions must improve how they analyze cyber-threat intelligence. But without better tools, security leaders can't adequately anticipate new attacks, says Greg Garcia, the new executive director of the FSSCC.
Banking experts say the Retail Industry Leader Association's launch of a cyberthreat information sharing initiative is a good first step toward thwarting breaches, but it should build on the models used by other industries.
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.