New legislation calls for an overhaul of the federal government's software vulnerability disclosure policies following the ransomware outbreak that was fueled by the leak of a stolen National Security Agency cyberweapon.
The figure sounds alarming, 60 percent of small companies went belly up within six months of a breach. And that stat was repeated several times by lawmakers as a House panel debated - and approved - a bill aimed at helping small businesses battle hackers. But is that number true?
The government of India is taking the data protection and privacy bull by the horns, gunning for comprehensive data protection legislation within the next 5 months. Experts offer an analysis of what the nation needs.
Leading the latest edition of the ISMG Security Report: FBI Director James Comey's revelation of a counterintelligence investigation of possible ties between Donald Trump's presidential campaign and Russia's actions to influence the U.S. presidential election.
Responding to disruptive data breaches, dealing with Mirai botnets, hacking back and the need for enterprises to segment their backup environments were just some of the topics dominating this year's RSA Conference in San Francisco.
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
Australia's Parliament has passed a mandatory data breach notification law that requires some organizations to tell consumers and regulators about an incident within 30 days or face hefty fines. But one security expert says the law has gaps that could pose risks.
President Barack Obama has signed the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.
Today's ISMG Security Report leads off with House Homeland Security Committee Chairman Michael McCaul and DHS Secretary Jeh Johnson lamenting about the congressional bureaucracy that hinders passage of needed cybersecurity legislation.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.
Businesses on both sides of the Atlantic are lauding the new U.S.-EU Privacy Shield, which gives them a legal way to handle Europeans' personal data. But privacy rights groups have criticized the agreement for falling short of the EU's own privacy protections.
A new EU law will impose minimum cybersecurity measures on organizations as well as require enterprises across multiple sectors - including the likes of Amazon and Google - to report security breaches to authorities.