A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
The FFIEC's Cybersecurity Assessment Tool is already being integrated into regulators' cybersecurity examinations, says Gartner analyst Avivah Litan. But the tool has so far led to more confusion than clarity, she says, and must be enhanced in 2016.
Expect rebooted European Union data privacy rules to drive organizations worldwide to begin minimizing the amount of information they collect and store on individuals in 2016, both to protect privacy as well as minimize the impact of data breaches.
Improving breach detection and defenses involves much more than buying the latest technology, warns security expert Haroon Meer. "We keep moving on as we try to solve new, shiny problems, which we then half solve, but we still haven't completely solved problems that we knew about 20 years ago."
Hyatt warns that it's the latest hotel chain to fall victim to POS malware. It's offered scant breach-related details, but lots of bromides about taking payment card security seriously and urging customers to keep paying by card.
Cybersecurity is becoming an issue in the U.S. presidential campaign, finally. That's good news because it's critical in our day-to-day lives. But are the candidates doing the issue justice in the way they address it?
New details emerging about a breach involving a former Morgan Stanley employee illustrate how a case of inappropriate access to data can blossom into something much more serious. The case shines a spotlight on the urgent need to mitigate insider threats.
Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.