The most important lesson from the lawsuit electronic health records vendor Epic Systems filed against Tata Consultancy Services is that data security controls must extend beyond protecting personally identifiable information to include intellectual property, attorney Ron Raether explains in this audio report.
"Internet of Things" developers must think about how attackers might attempt to exploit a device, and why, and then write code designed to block such attacks, says Charles Henderson, IBM's global head of security testing and threats.
Are you making the most of all the intelligence available to you today? What are the practical aspects of plugging abstract threat intelligence into your specific business use cases? Deloitte's Parthasarathy shares deeper insight.
A new coalition of leaders from government, industry and privacy advocacy groups hopes to help provide a framework for reaching a consensus on how to use IT to ensure society's security while protecting individuals' privacy, says Art Coviello, an organizer of the new Digital Equilibrium Project.
MedStar is but the latest healthcare entity to fall victim to a ransomware attack. What can organizations do proactively to improve their ransomware defenses and response? PhishMe CEO Rohyt Belani offers insight.
A new report, Threat Horizons 2018, from the Information Security Forum paints a fairly pessimistic picture of enterprises' ability to protect their IT from cybercriminals over the next two years. In an interview, ISF's Steve Durbin discusses what organizations can do to mitigate cyberthreats.
Although the battle over whether the courts should compel Apple to help the FBI unlock the iPhone used by one of the San Bernardino shooters is on hold for now, the debate over the privacy issues involved isn't going away, says Greg Nojeim of the Center for Democracy and Technology.
In many enterprises, the CISO reports to the CIO, and occasionally you find a CIO who reports to the CISO. But Venafi's Tammy Moskites holds both roles. How does she manage the natural tension between IT and security?
In the world of the extended enterprise, everybody seeks greater visibility into network activity. But Gidi Cohen was there in 2002, founding Skybox Security to provide analytics to improve cybersecurity. Cohen discusses the evolution of visibility.
Because of growing cybersecurity concerns, CISOs in the financial sector finally are getting more time with their boards of directors and more direct interaction with senior executives, says John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center.
Automated threat intelligence sharing can significantly reduce the amount of time it takes organizations to identify, assess and react to attacks, according to new research from Johns Hopkins. Mark Clancy, CEO of Soltra, says automated information sharing with government and other sectors is catching on.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
Webroot has just released its 2016 edition of its annual threat brief. In an exclusive interview, Michael Malloy, executive vice president of products and strategy, discusses the report and how its key findings will likely play out in the year ahead.
Threat response is a lot like physical fitness. Enterprises know what they need to do - they often just opt not to do it. RSA's Rashmi Knowles offers advice for how to move from threat prevention to response.