Many recent data breaches, including the Equifax incident, show that "applications are really the vulnerable entry point into organizations and ultimately to organizations' data," says Alex Mosher of CA Technologies.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Healthcare organizations that rely too heavily on HIPAA compliance are coming up short when it comes to security, says Jennings Aske, an attorney who's CISO at New York-Presbyterian. A far better approach, he says, is to rely on the NIST cybersecurity framework or other comprehensive frameworks.
Faster payments can help to make payments more secure, but they can also raise new security issues. How can those be mitigated? Ed O'Neill of the Federal Reserve provides an update on the activities of two task forces working on this and other issues.
Over the past year, fines levied by various regulatory agencies against breached entities have helped to shape and clarify what cybersecurity attorney Joseph Burton calls the cybersecurity standard of care - a standard for reasonable security that courts will turn to when determining liability and fault in the wake of...
As organizations struggle with finding the delicate balance of cybersecurity and customer convenience, Mordecai Rosen of CA Technologies says behavioral analytics and machine learning will help.
Easy Solutions' Ricardo Villadiego addresses how the digital revolution, millennials and the pervasive use of online communications affect financial fraud.
The cost upsides of writing code that's as free from bugs as possible has long been known, says Veracode's Chris Wysopal, but bugs continue to plague production code. Thanks to the rise of agile programming, however, there are new opportunities to eradicate flaws during development.
Healthcare organizations should consider using the PCI Data Security Standard as a framework that can help them select appropriate security controls, says Christopher Strand of Carbon Black.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
It's been a half-year now since Art Gilliland stepped into the role of CEO at startup security company Skyport Systems. What lessons has he learned from the marketplace, and where does he expect Skyport to make its mark? Find out in this video interview.
A new report from researchers at RSA describes how cybercriminals are using social media, including Facebook, to not only network about their attacks, but also sell card data and other compromised consumer information. Daniel Cohen of RSA FraudAction describes the report in this video interview.
To minimize the risk of business email compromise schemes and similar types of fraud, senior executives at businesses should avoid posting information about their activities on social media and other accessible forums, says security expert Chuck Easttom.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.
Recent breaches and regulatory audits have sharpened the focus on third-party risks. How are healthcare entities tackling this critical topic of business associate management? Attorney David Szabo shares insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cio.inc, you agree to our use of cookies.