Privacy attorney Ron Raether challenges a commission's recent recommendation that the government should support companies that use the hack-back approach to mitigating the theft of intellectual property.
Attacks aimed at mobile devices are progressing much more rapidly than any attacks ever waged against PCs. Organizations are in danger if they don't pay attention, says anti-phishing expert Dave Jevans.
If everyone supports the idea of sharing cyberthreat information, then why is information sharing so difficult? Shawn Henry, a former investigator with the FBI, tells how organizations can clear their biggest hurdles.
Maintaining accurate logs of systems' activities is crucial in helping catch insiders who threaten an organization's digital assets, says George Silowash, co-author of the Common Sense Guide to Mitigating Insider Threats.
In this exclusive interview, Tim Horton of First Data explains how the nation's largest credit card processor is helping financial institutions and merchants mitigate risks posed by malware and DDoS attacks.
As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention, says the council's Jeremy King.
CERT Technical Manager Dawn Cappelli tells a tale of how three individuals, who unexpectedly quit their jobs at a law firm, used a free cloud service to sabotage files containing proprietary client information from their former employer.
How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It's a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.
Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.
Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.
Today's spear-phishing campaigns are localized, small and can slip through typical spam filters. As a result, detection practices have to evolve, says researcher Gary Warner of the University of Alabama at Birmingham.