In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
Two new insider fraud cases showcase the challenges organizations face to detect and prevent crimes by trusted employees. "You need IT controls, but you need more than IT," says researcher Randy Trzeciak.
How are banks responding to DDoS phase 2? "From a technology standpoint, we have improved our defenses quite a bit," says Dan Holden of Arbor Networks. Experts discuss top DDoS lessons banks have learned.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
In this week's breach roundup, regulators are investigating a possible breach involving Kaiser Permanente and a business associate, and hackers compromise servers at a University of North Carolina cancer center.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.
Forensics expert Rob Lee says its not new types of attacks that concern him. It's the old ones that continue to impact organizations. How can forensics pros learn from past incidents and respond in 2013?
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters claims that its second phase of distributed-denial-of-service attacks has affected nine banks since Dec. 11, and it warns more attacks are on the way.