The British government aims to increase uptake of five essential security controls at U.K. businesses, backed by third-party annual audits and a badge of compliance. Many government contractors must comply.
To address new features and new threats, the National Institute of Standards and Technology has revised its guidance for transport layer protocol. Learn about the recommendations for protecting data during transmission.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
Fraudsters continually find new ways to attack, but too many organizations rely on old, unsuccessful methods to detect and prevent fraud. This is the premise, says David Mattos, VP Sales, with Easy Solutions.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?