How well can banking institutions apply the right amount of security to the right transactions at the right time? Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey.
The computer systems the U.S. Department of the Treasury uses to track the nation's debt have serious security flaws that could allow unauthorized access to a wealth of federal data, according to a pair of audits released this week by the Government Accountability Office.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
Driven by Marriott's Starwood mega-breach, California lawmakers are pushing legislation that would expand the state's pioneering data breach notification requirements to include breaches of biometric data and all types of government identification numbers, including passports.
The latest edition of the ISMG Security Report describes vulnerabilities found in popular password generator apps. Plus, the evolution of blockchain as a utility and a new decryptor for GandCrab ransomware.
Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree of success, underscoring the difficulties around verifying identity on the internet.
The State Bank of India, the nation's largest bank, is investigating an apparent data leak that reportedly exposed information on millions of its customers. Security experts are calling on all banks to improve their server management practices.
Venture capitalists invested $5.3 billion in cybersecurity companies in 2018, about 20 percent more than in 2017 and twice as much as 2016, according to research from Strategic Cyber Ventures. What's ahead for 2019 and beyond?
Researchers from Tenable Security claim they have found what is essentially a skeleton key for an ID and access control system that could open the doors for anyone, plus other less severe but nonetheless zero-day vulnerabilities.
The organization that manages IT for Singapore's public healthcare sector says it has terminated, demoted or financially penalized several employees for their roles in the handling of a 2017 cyberattack on SingHealth, the nation's largest healthcare group. What do U.S. security experts think of these measures?
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.