Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
Adobe is notifying 2.9 million customers that their personal information has been compromised as a result of a breach into the software company's network. Source code for numerous products was also illegally accessed.
The State Department's top cyberdiplomat, Chris Painter, explains how the United States is helping other nations beef up their laws and policies to battle cybercrime and improve international collaboration on cyberthreats.
It's been four years since federal officials began tracking major healthcare data breaches. What important lessons can be learned from the causes of these breaches as well as HIPAA enforcement actions by federal regulators?
Too many organizations are spending far too much money on gathering big data that they cannot put to good use, such as for fraud prevention, says IDC analyst Jerry Silva, who stresses that investments must have strategic value.
In this week's breach roundup, read about the latest incidents, including a Florida hospital notifying 9,900 patients that a former employee inappropriately accessed their records with the apparent intent to commit fraud.
Successfully implementing the SANS 20 Critical Security Controls requires far more than just deploying systems, platforms or services. Experts offer insights on effective strategies for leveraging technical controls.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
Although the U.S. and Chinese governments blame one another for cybermischief, they should collaborate to battle common cyberthreats, says Christopher Painter, the State Department's top cyberdiplomat.
Faced with the growing threat of breaches, cyber-attacks and fraud, more organizations are building robust incident response strategies that identify how an investigation would proceed. Experts offer insights on effective investigation management.