Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
"This is a business that should have known better," U.K. Deputy Information Commissioner David Smith says. "There's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."
Hacktivists on Jan. 22 threatened more DDoS attacks against U.S. banks and claimed they recently hit three institutions. Despite banks' improvements in staving off online outages, the longevity of the attacks is concerning, experts say.
Banks have improved DDoS defenses, but ensuring ongoing online reliability requires a more offensive measure - one that rids the Internet of vulnerable sites that can too easily be used for bot traffic.
As the Zaxby's restaurant breach investigation begins, the high-profile point-of-sale breach involving Subway restaurants has ended in a prison sentence for one of the four accused Romanian fraudsters.
Gov. Nikki Haley devoted nearly 10 percent of her State of the State address to cybersecurity, responding to public outrage over a breach of South Carolina's tax system that exposed the records of nearly 4 million taxpayers.
In this newest banking fraud scheme, fraudsters use the customer service chat feature within the online banking platform to schedule fraudulent wires. How can institutions detect and prevent this scam?
If we're at war, the fight so far is unbalanced, and the U.S. should be grateful its cyberspace adversary is Iran. "We're probably not very prepared for a virtual conflict against a really competent state, such as Russia or China," says Rand Corp.'s Martin Libicki.