While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
In an in-depth interview, Michael Sentonas of breach response specialist CrowdStrike discusses how a focus on malware detection may still be leaving organizations exposed and describes the firm's new efforts in the Asia-Pacific region.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
The U.S. Securities and Exchange Commission has obtained an emergency court order to freeze the assets of U.K. citizen Idris Dayo Mustapha, who it accuses of hacking into individuals' brokerage accounts to engineer and profit from stock price fluctuations.
Kaspersky Lab says that its original estimate of how many remote desktop protocol server credentials were offered for sale in the now shuttered online cybercrime marketplace xDedic may have been far too low, based on new data coming to light.
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
Following the SWIFT-focused hack attacks, a U.S. government watchdog agency is auditing the Federal Reserve's effectiveness when it comes to ensuring that U.S. banks have robust information security and data breach prevention programs in place.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
Crisis management expert Emily Mossburg discusses a new Deloitte study that shows why many organizations must reassess their approach to breach response to focus on what really matters: keeping the organization functioning.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
The ISMG Security Report kicks off with thoughts on how Watergate - its 44th anniversary is today - would have turned out differently if today's technology existed in 1972. Also, you'll hear the backstory on the breach at Democratic Party headquarters revealed this past week.
A hacker nicknamed Guccifer 2.0 claims to be the lone attacker who breached the Democratic National Committee's systems. The claim contradicts Crowdstrike's conclusion that two Russian state-sponsored groups were involved.
Apple is building "differential privacy" into iOS 10 to try and block attempts to identify or track individual users based on their behavior, keyword searches or other activities. But will the functionality perform as advertised?
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.