The lack of a strong security culture at Equifax - especially compared to its two main competitors - was a key factor contributing to its 2017 data breach that exposed the personal records of 145 million Americans, according to a 71-page Congressional report.
The quality of authentication provided by behavioral biometrics is improving, says James Stickland, CEO of Veridium. Nevertheless, he says, "we haven't reached a maturity level where it is used as an explicit form of authentication, but it's certainly now deemed as an implicit form of authentication."
DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Security researcher Zammis Clark, who pleaded guilty to hacking Microsoft - with an accomplice - and later Nintendo, as well as stealing data and uploading malware to Microsoft's network, has received a suspended sentence.
How well can banking institutions apply the right amount of security to the right transactions at the right time? Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...