Many organizations both misunderstand and underestimate the power and scale of today's DDoS attacks, says Darren Anstee of Arbor Networks. And these lapses may be negatively impacting enterprises' DDoS defense.
David Finn, a former healthcare CIO, says he agreed to join a new Department of Health and Human Services cybersecurity task force because he supports its mission of involving representatives of all healthcare sectors in the effort to tackle challenges. In this interview, he outlines key security issues.
The recent surge in ransomware attacks on hospitals has at least one member of Congress contemplating whether HIPAA's breach notification requirements need to be clarified or updated to reflect the trend.
A new report, Threat Horizons 2018, from the Information Security Forum paints a fairly pessimistic picture of enterprises' ability to protect their IT from cybercriminals over the next two years. In an interview, ISF's Steve Durbin discusses what organizations can do to mitigate cyberthreats.
Will the Fed support the use of cryptocurrency and related blockchain technology to help push the movement to faster payments? Experts at ISMG's Fraud and Data Breach Prevention Summit in San Francisco last week considered the possibilities.
Verizon Enterprise Solutions, which regularly assists clients in responding to their data breaches, admits it's suffered its own breach. The breach of contact information reportedly affected 1.5 million business customers, who now face greater risk of phishing attacks.
Despite the recent move to put the FBI-obtained court order against Apple on hold, the crypto debate is far from over, said a panel of law enforcement, legal and industry experts at Information Security Media Group's Fraud and Breach Prevention Summit in San Francisco.
Neither the FBI nor Apple looks good in the days following the postponement of a hearing on whether Apple should be forced to help the bureau crack open the iPhone of one of the San Bernardino shooters. The FBI's credibility is being questioned as Apple's security technology is being tarnished.
More than 300 security incidents involving Obamacare's HealthCare.gov were reported over an 18-month period, according to a new GAO report, which recommends numerous security and privacy control enhancements for the federal health insurance marketplace.
A dearth of actuarial data stymies the growth of the cyber insurance market, experts told Congress at a March 22 hearing. A repository of such data would provide more information to support creation of policies and help enterprises gain a better understanding of the risks they face, they testified.
A watchdog agency's audit of the Department of Veterans Affairs makes nearly three dozen recommendations for how the VA should address "material weakness" in its information security program. The VA's CIO tells Congress all the issues raised will be addressed by the end of next year.
Attackers have targeted an unknown number of Russia's 700 banks with bogus security-alert emails. The combination of official-looking infrastructure and digitally signed malware recalls the Anthem attack, among other campaigns.
Although most breach-related class action lawsuits fail, a multimillion dollar settlement of a suit stemming from a data breach at St. Joseph Health System in California illustrates how egregious breaches can have serious financial consequences.
A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.