The new measure would require banks, healthcare providers, social media companies, search engines and other e-commerce entities operating in Europe - even those based elsewhere - to report breaches to national authorities.
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
Breach notification is just one of the major topics ripe for legislative action in 2013. What are the other key areas of focus? Gain insight from this panel of three security and privacy attorneys.
Revision 3 of the National Institute of Standards and Technology's Interagency Report 7511 defines the requirements and associated test procedures necessary for products to achieve one or more Security Content Automation Protocol validations.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
The compromise of hundreds of payment cards, apparently tied to fraud worldwide, has been linked to a network hack affecting an Arizona supermarket chain. And the attack involved a new kind of malware, the chain says.
"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," Twitter's Bob Lord says.
"Cyber represents as big a threat to this country as any significant threat," Chuck Hagel says at his confirmation hearing to be defense secretary. "It's insidious, a quiet kind of threat we haven't quite seen before. It can paralyze a nation in a second."
Although a hacktivist group says it has suspended distributed-denial-of-service attacks on U.S. banking institutions, banking and security leaders aren't convinced. "Banks should certainly remain on guard," says Gartner's Avivah Litan.
The key to effective breach response is to not take a one-size-fits-all approach, says attorney Ronald Raether, who outlines top strategies organizations should consider when dealing with an incident.
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters announced Jan. 29 that it is suspending its second campaign of DDoS attacks against U.S. banks. Learn why the group is ending the campaign.
A Montreal computer science student accessed, without authorization, an IT system to check if a software vulnerability he discovered had been remedied. This case raises the question: When, if ever, is such unauthorized action justified?
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
Some critics feel the Obama administration is giving the Department of Homeland Security too much authority on leading cybersecurity initiatives. DHS's deputy undersecretary for cybersecurity explains why he thinks that view is wrong.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
