Identity management is going to be a big issue in 2016, and emerging authentication tools, such as biometrics, could very well gain a more significant foothold, although not without posing new risks, says Steve Martino, CISO at Cisco Systems.
The "industrialization" of cybercrime, remote-access attacks and mobile-banking application and online-browser overlay attacks are trends the financial industry should monitor this year, says George Tubin of IBM Security Trusteer.
The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Automobiles have crash ratings. Do they need ratings for cybersecurity, too? In this interview, security expert Jacob Olcott of BitSight Technologies previews a session he'll moderate at the RSA Conference 2016 that will address this question.
It's the perfect time to debate whether the government should compel Apple to help the FBI circumvent protections blocking access to the San Bernardino shooter's iPhone. Hear Apple CEO Tim Cook, FBI Director James Comey, Sen. Marco Rubio and cryptologist Bruce Schneier in this audio report.
Jeff Shaffer, a former Secret Service agent, has investigated cybercrime for more than 25 years. Now a manager at PricewaterhouseCoopers, he discusses how organizations can protect their assets better by understanding their attackers' MO.
Kevin Haley, a researcher at Symantec, says the moneymakers behind Dridex are successfully infecting thousands of users worldwide on a monthly basis, purely through spam - making Dridex the most dangerous banking Trojan on the market today.
When it comes to medical device security, healthcare organizations need to make some bold moves to improve the cybersecurity of devices used in their environments, says medical device cybersecurity expert Stephen Grimes. He'll be a featured speaker at the HIMSS 2016 Conference.
With the U.S. accelerating its adoption of the EMV chip, encryption and tokenization, life is going to get tougher for fraudsters, and card-not-present fraud will rise, says PCI Council Director Jeremy King. Regions with poor data security must beware.
Why should CISOs not report to CIOs? And why do CISOs need more direct lines of communication with CFOs? Chris Pierson, a cybersecurity attorney and CISO who'll be a speaker at RSA Conference 2016, provides answers.
Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.
It's the 25th anniversary of the RSA Conference. What's planned for this year's landmark security event? Britta Glade, senior content manager for the conference, and Informatica CISO Bill Burns offer a preview of the RSA Conference 2016 in San Francisco.