"This is about preparing the battlefield for another type of covert action," a former high-ranking U.S. intelligence official says. "Cyber collection against the Iranian program is way further down the road than this."
LinkedIn's failure to comply with long standing industry standard encryption protocols jeopardized its users' PII, and diminished the value of the services, the class action federal lawsuit filed in northern California says.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
LinkedIn contends it had on staff world-class security experts when nearly 6.5 million members' hashed passwords were pilfered, although the social media company has neither a chief information officer nor chief information security officer.
Brokers and insurers have upped their marketing efforts to get enterprises to purchase cyber insurance, even though policies could be risky for sellers and buyers. See 10 considerations you should mull before buying cyber insurance.
The ISO 22301 standard for business continuity has been issued. What do organizations need to consider as they implement the new standard? Lyndon Bird of the Business Continuity Institute offers insight.
Global Payments Inc., the breached payments processor, now says the scope of its self-discovered data breach may be broader than initially reported and involve personal data collected from merchant customers.
A successful effort to build a corporate culture that values privacy should be built on ideas that come from the rank-and-file staff in all departments, says Jan Hillier, a specialist in managing change.
Georgia Tech Research Institute is beta testing a malware intelligence system that research scientist Chris Smoak contends will help corporate and government security officials share information about the attacks they confront.