New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
Security experts are warning that Internet-connected devices - including toys - should be treated as insecure and untrusted until proven otherwise. Have our collective information security shortcomings ever been more seasonally appropriate - or scarier?
A U.S. House committee recently passed legislation that's aimed at helping law enforcement bring to justice cybercriminals from other nations who buy and sell payment card data stolen from U.S. citizens. But would it really help the global fight against cybercrime?
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
More cybersecurity specialists are making the leap from long-time careers in law enforcement, the military and the government to the private sector, says Dale Meyerrose, a retired U.S. Air Force Major General, who explains why.
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
NICE's Rodney Petersen sees too many government agencies and businesses using old-school methods to identify and recruit IT security professionals. Consequently, they often fail to build their cybersecurity staffs.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
In the wake of the Paris attacks, cybersecurity expert Brian Honan argues that now is not the time to make snap public policy decisions that attempt to promote or restrict either cryptography or surveillance.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
Distributed-denial-of-service attacks on banks are more powerful than ever, but we hear less about them than we did three years ago. How have attackers changed their tactics, and why should we be even more concerned about their strikes?