New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
Organizations must guard against making three common mistakes when conducting an investigation of a data breach or fraud incident, says attorney Kim Peretti, a former Department of Justice cybercrime prosecutor.
A recent ATM fraud scheme that targeted banks in three states illustrates just how sophisticated ATM attacks have become, experts say. Learn how fraudsters are increasingly keeping their skimming schemes concealed.
The National Institute of Standards and Technology continues to collaborate with the National Security Agency on its IT security guidance even as it investigates whether the spy agency meddled with one of its special publications.
A significant uptick in traffic linked to an Internet port known as "port zero" is likely among the first signs of a massive and targeted attack against remote servers and networks worldwide, one threat researcher says.
As major cloud vendors, including Salesforce, integrate identity and access management features into their platforms, security professionals must size up the role that stand-alone IAM systems will play in the long run.
NIST is revising its 3-year-old smart-grid guidance to address technological and policy changes that have made the power grid more susceptible to vulnerabilities and threatened utility customers' privacy.
The Army Research Laboratory is collaborating with five research universities on a $23 million, 5-year initiative to develop what's being characterized as a new science to detect, model and mitigate cyber-attacks.
The White House says the conversation between the president and business leaders focused on how to encourage adoption of the cybersecurity framework. Participants also discussed the need for framework adoption by suppliers.