Technology lawyers for Twitter, Google and Facebook vowed before a Senate subcommittee on Tuesday to implement tighter controls on their platforms after finding Russia's disinformation and propaganda efforts on social media reached far more people in the U.S. than previously thought.
The United Kingdom might be greater than the sum of its parts. But when it came to the WannaCry outbreak, some parts of the United Kingdom did less great than others. Here's how the governments and health boards of Scotland, Northern Ireland and Wales are responding.
Former Trump campaign aide George Papadopoulos learned that Russia had thousands of pilfered emails containing "dirt" on Hillary Clinton three months before they appeared online, according to court documents.
If Eugene Kaspersky had attended Wednesday's House hearing on the risk his company's anti-virus software poses to the U.S. federal government, he would have faced an unfriendly reception. But Kaspersky wasn't invited, although the panel may "entertain" the possibility of inviting him to a future hearing, according to...
Is digital transformation an impending "disaster" - leaving more attack surfaces open to exploit and putting enterprises at further risk? Or is there a chance to rewrite how the security department operates? Former Burberry CISO John Meakin shares his views.
Want to infect systems used by a large swath of cybersecurity professionals in one go? Then use a malicious decoy document to target potential attendees of a NATO and U.S. Army conference on "The Future of Cyber Conflict" being held in Washington.
Will all of the anonymously lobbed U.S. government allegations against Moscow-based security vendor Kaspersky Lab send anti-virus users running for the hills? Don't let it, one security expert says, noting that ditching AV would be a gift to cybercriminals and intelligence agencies alike.
Can U.S. law enforcement use a warrant to seize emails stored outside the U.S. by a cloud services provider? That's the question the Supreme Court has agreed to consider next year. Microsoft continues to fight an order to turn over emails stored in an Irish data center.
New York state's Department of Financial Services is enforcing minimum cybersecurity standards by which all banks and other financial services firms that it regulates must abide. Think of the new regulation "as a playbook or a guidepost," says cybersecurity attorney Paul Ferrillo.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
At the first of three Congressional hearings slated this week to examine the Equifax mega-breach, one Republican said of the company's delay in detecting the breach: "It's like the guards of Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults."
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
Leading the latest edition of the ISMG Security Report: an interview with NIST's Ron Ross about revised guidance on how to get C-suite executives to help shape information risk management. Also, DHS, FBI leaders outline goals for protecting the U.S. election system.
Haryana has launched its own cybersecurity framework. But some security practitioners question whether it's really necessary, given the national policy in place. And they point to a lack of detail in the state policy, such as the failure to spell out penalties to be imposed if a firm fails to protect data.