Leading the latest edition of the ISMG Security Report: The death of former White House Cybersecurity Coordinator Howard Schmidt, and a report on legislation to strengthen the influence of the National Institute of Standards and Technology on federal civilian agencies.
The technology and know-how exists to build a hack-proof computer, but doing so won't be easy, says Howard Shrobe, principal research scientist at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
Financial fraud has changed fundamentally in recent years. And because of that evolution, anti-fraud defenses need to morph from point solutions into an integrated, enterprise approach, says IBM's Paul Clandillon.
Emerging insider threats have quickly proven that the proverbial "walled garden" is not so walled after all, and without true end-to-end encryption, insiders and outsiders can compromise sensitive data, says Dr. Phillip Hallam-Baker of Comodo Group.
Through a technique known as "retrospection," organizations can replay attacks, going back to scan their networks for malware identified after their networks were infected, says Ramon Peypoch of Protectwise.
Organizations are increasingly turning to user behavioral analytics to help more quickly detect new attacks - emanating from inside or outside the enterprise - as well as mitigate those threats, says CA's Mark McGovern.
As more IoT devices are compromised to wage large-scale attacks, related litigation and regulatory scrutiny will grow, which means device manufacturers - and users - could be held more accountable, says Richard Henderson, global security strategist at Absolute.
Increasing regulatory oversight is overwhelming smaller banks and credit unions, pushing them to continue to focus more on compliance than overall cybersecurity and resilience, says Sean Feeney, CEO of Defense Storm.