From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.
The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
Users' fear of data loss on personal devices must be balanced with an organization's need to protect sensitive information, says ZixCorp's Nigel Johnson. He explains the evolution of mobile device management.
Thefts of iPhones in New York, San Francisco and London declined after Apple added a remote-disabling feature. Now Google and Microsoft have promised to offer the feature in their mobile operating systems.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Kentucky is now the 47th state to enact a breach notification law. While a national law superseding the widely varying state statutes is long overdue, the primary election defeat of House Majority Leader Eric Cantor makes passing such a bill tougher.
When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
"Banks can play offense, to use mobile in a justifiable way to engage customers into their security," says Jim Van Dyke of Javelin Strategy & Research. He outlines a strategy for using mobile devices to enhance fraud detection.