The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Automobiles have crash ratings. Do they need ratings for cybersecurity, too? In this interview, security expert Jacob Olcott of BitSight Technologies previews a session he'll moderate at the RSA Conference 2016 that will address this question.
It's the perfect time to debate whether the government should compel Apple to help the FBI circumvent protections blocking access to the San Bernardino shooter's iPhone. Hear Apple CEO Tim Cook, FBI Director James Comey, Sen. Marco Rubio and cryptologist Bruce Schneier in this audio report.
Jeff Shaffer, a former Secret Service agent, has investigated cybercrime for more than 25 years. Now a manager at PricewaterhouseCoopers, he discusses how organizations can protect their assets better by understanding their attackers' MO.
Why should CISOs not report to CIOs? And why do CISOs need more direct lines of communication with CFOs? Chris Pierson, a cybersecurity attorney and CISO who'll be a speaker at RSA Conference 2016, provides answers.
Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.
It's the 25th anniversary of the RSA Conference. What's planned for this year's landmark security event? Britta Glade, senior content manager for the conference, and Informatica CISO Bill Burns offer a preview of the RSA Conference 2016 in San Francisco.
Even as the demand for security professionals grows, the outflow of practitioners from the profession is greater than the influx of fresh blood, says (ISC)Â² CEO David Shearer. How can this trend be effectively addressed?
Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.
A successful startup is fueled by passion, speed and innovation - all enabled by technology. Not securing this technology layer from day one can therefore have expensive consequences later. IEEE's Diogo MÃ³nica shares security insight for startups.
Sophisticated phishing campaigns, increasingly targeted because of social media, are fueling business email compromises - a growing wire fraud scheme that is attacking businesses worldwide, says Jim Hansen of PhishMe.
Extortion campaigns waged by cybercriminals are expected to become more damaging in 2016, putting additional pressure on CISOs to enhance protection of internal networks and educate employees about extortionists' techniques, says iSight Partner's John Miller.