One of the core values of the cybersecurity framework is to facilitate communication among various stakeholders coming from different technical and managerial backgrounds who must collaborate to build secure IT systems, NIST Program Manager Matt Barrett explains in an interview.
The annual Infosec Europe conference in London included a number of information security highs and lows, from hackers in hoodies and Guy Fawkes masks to free ice cream and Mikko Hypponen revealing that he too has been pwned.
The business of executive email hacking is booming, with hundreds of millions of dollars lost in fraudulent wire transfers. But businesses can improve their processes to avoid inadvertently transferring funds to fraudsters, according to one expert.
Cyberattacks have gained regulatory attention worldwide. But the world doesn't need more regulation to address new threats, says Steve Durbin of the Information Security Forum. Instead, government must work more closely with the private sector.
After blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Neither the FBI nor Apple looks good in the days following the postponement of a hearing on whether Apple should be forced to help the bureau crack open the iPhone of one of the San Bernardino shooters. The FBI's credibility is being questioned as Apple's security technology is being tarnished.
Email security is a growing worry, despite the fact that phishing attacks and spam have been around for decades, says Vidur Apparao, CTO of Agari. In this video interview, he explains why DMARC is gaining ground as a viable way to shore up email defenses.
Automated threat intelligence sharing can significantly reduce the amount of time it takes organizations to identify, assess and react to attacks, according to new research from Johns Hopkins. Mark Clancy, CEO of Soltra, says automated information sharing with government and other sectors is catching on.
Unlike other security and breach reports, Verizon's Data Breach Digest is a collection of data breach investigation case studies from around the world. Verizon's Ashish Thapar elaborates on findings from this digest.
Financial services firms and healthcare institutions have been at the forefront of adopting encrypted email, simply because so much vital and sensitive information today naturally flows via email, Dave Wagner, CEO of ZixCorp, says in this video interview.
Warning: Too many voice over IP devices being used in enterprise environments have well-known default passwords or no security at all, thus leaving organizations at risk from covert surveillance and toll-fraud scammers, experts say.