NEWS & INDUSTRY UPDATES

Kaspersky Lab files injunction in an effort to expedite its appeal against the DHS’s decision to ban government agencies from using the company’s products
Class action lawsuits have been filed against AMD and Apple over Spectre and Meltdown CPU vulnerabilities
BlackBerry launches Jarvis, a tool that helps companies in the automotive and other sectors scan their code for vulnerabilities and achieve compliance
At least three class action lawsuits have been filed against Intel over the recently disclosed Spectre and Meltdown vulnerabilities
DMARC implemented on roughly half of US government domains as a result of a DHS directive, but only 16% quarantine or reject unauthenticated emails
Keeper Security files lawsuit against Ars Technica and reporter Dan Goodin over article covering critical vulnerability found by Google researcher
Kaspersky files lawsuit against the U.S. government over the DHS operational directive ordering federal agencies to stop using the company’s products
Cisco announces availability of Security Connector, an iOS app that gives organizations visibility and control for mobile devices
US President Donald Trump signs National Defense Authorization Act for FY2018, which bans the use of Kaspersky products by government agencies
Study conducted by Accenture and AMA shows that a majority of physicians in the US have experienced a cybersecurity incident, including phishing, malware and inappropriate access by insiders

FEATURES, INSIGHTS // Compliance

James McFarlin
U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.

Mark Hatton
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.

Nimmy Reichenberg
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.

Mark Hatton
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.

Chris Hinkley
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.

Chris Hinkley
Compliance is a byproduct of a solid security program – but that doesn’t mean it’s simple. Compliance can involve technical architecture and operational processes that many organizations simply don’t understand or don’t want to bother with.

Gant Redmon
The CSO is so critical for the CPO’s success that I guarantee that if you send this article to your CPO, they will take you out for a free lunch the next day.

Nick Cavalancia
In the era of the public cloud, when employees are frequently using consumerized applications to share and store data, it's time for security and risk professionals to adopt a new security thought paradigm that focuses on the insider threat that employees create, not solely on protecting data itself.

Jon-Louis Heimerl
The Omnibus Rule that updated the Health Insurance Portability and Accountability Act (HIPAA) has the potential to be a game changer because of the things it says in writing, as well as some of the things that it doesn’t say.

Dr. Mike Lloyd
2012 was an interesting year in security – publicity around breaches led to greater awareness than we’ve seen in years, encouraging many in the Federal sector to look into our corner of IT. So what will happen in IT Security 2013?