Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
The FDIC says cybersecurity is a business continuity issue. So it's offering banks a series of videos and exercises to help them address key threats, including account take-over, malware infections and other risks related to third parties.
MasterCard is testing a smartphone app that lets users approve online transactions using facial recognition, via the equivalent of taking a selfie. But could such technology be spoofed, and will it reduce card fraud?
Breached dating website FriendFinder allegedly missed email warnings from security researchers that its site had been breached and customers' data was being sold on a "darknet" site. What can other businesses learn from that apparent mistake?
Ed Felten, the new federal deputy chief technology officer, hasn't been shy about criticizing the federal government, whether it's about the NSA undermining encryption standards or the FBI not being entirely transparent on malware warnings.
A proposed national data breach notification bill to usurp 47 state statutes could make it easier for businesses to notify consumers of a breach. But is that worth weakening PII protections some states offer? Massachusetts plans to do battle.
Israeli Prime Minister Benjamin Netanyahu may have been a bit premature to claim Israel has deployed a cyber "iron dome" to protect its critical IT and defense systems. But a new initiative under way will try to do just that.
Characterizing the state of employment among American information security practitioners, executive recruiter Joyce Brocaglia says, "We are experiencing negative unemployment in the field of information security."
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Kentucky is now the 47th state to enact a breach notification law. While a national law superseding the widely varying state statutes is long overdue, the primary election defeat of House Majority Leader Eric Cantor makes passing such a bill tougher.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
In case you missed ISMG's 2013 Fraud Summit - or even if you were there and want to share insights with colleagues - I'm pleased to announce the availability of a series of session videos featuring top fraud experts.