Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
A report from Editorial Director Tom Field on why organizations struggle with privileged access management leads the latest edition of the ISMG Security Report. Also, did the NSA target SWIFT bureaus?
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
IT security leaders deploy enterprise data loss prevention (DLP) for three major use cases: regulatory compliance, intellectual property protection and increased visibility into how users treat sensitive data. New research evaluates DLP products for these three use cases, based on nine critical...
Bryce Austin, a former technology lead at Target during the retailer's massive November 2013 breach, says the role of the CISO needs to evolve, ensuring that cybersecurity is balanced with the overall needs of the company. He claims tying the CISO's performance to the company's revenue is the best way to do that.
New documents dumped online by the Shadow Brokers group have revealed apparent NSA programs designed to target SWIFT service bureaus in the Middle East as well as a slew of exploits designed to infect Windows systems, patched last month by Microsoft.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
This paper identifies key requirements of a flexible security framework, and explores how enterprises can use APIs to extract signals that enhance their existing security ecosystem.
Download the Framework for Resilient Cybersecurity and learn how to:
Evaluate the threat landscape;
Choose the right security tools...
Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been using leaked Hacking Team spyware to infect targets, says security firm F-Secure.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
A Colorado-based community healthcare center is the latest entity to learn an expensive lesson from federal regulators about the importance of conducting a timely and comprehensive risk assessment.
In October 2016, IBM commissioned Forrester Consulting to evaluate the means by which enterprises are managing and securing various endpoint form factors today and how strategies will change over the next three years. In conducting an in-depth survey of 556 IT and security leaders in the US, the UK, Germany, India,...
Implementing and maintaining Payment Card Industry Data Security Standard (PCI DSS) is challenging in today's complex business and technology environments. Many financial institutions only partially comply. By incorporating PCI DSS into a holistic governance, risk and compliance (GRC) program, financial institutions...
Most sophisticated organizations have had their incident response plans in place for several years. But the landscape has changed, and incident response plans and planning that remain static are at risk of being counter-productive in today's environment. If you haven't dusted off your plan in even a couple of years,...
Many organizations are undergoing a transformation to support digital platforms and stay competitive; but in order to maintain security, they have to ensure that access to these platforms is limited and that security remains a priority. New vulnerabilities to cybercrime are being introduced through hybrid...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.
