Information security program management
Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings.
"Three may keep a Secret, if two of them are dead." So wrote Benjamin Franklin, in Poor Richard's Almanack, in 1735. Franklin knew a thing or two about secrets, as well as about cryptography, given ...
The FBI's Don Freese spoke at the (ISC)2 Security Congress this week about the need to end the practice of blaming hacking victims. But will infosec professionals listen?
Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ...
Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations?
RSA Conference 2017 was full of talk about future IoT attacks, but Intel Security's Christopher Young said the Mirai botnet is still an enormous threat and demonstrated why that is.
With no single trend or theme dominating at RSA Conference 2017, this year's show will still have plenty of material on machine learning, IoT security and much more.
Encryption shouldn't be used to protect people from themselves, especially if it gets in the way of innovation.
According to market forecasts, more companies are investing in cybersecurity and that spending is likely to increase dramatically in the next few years. MarketsandMarkets has forecast cybersecurity ...
MobileIron's enterprise mobile management software wasn't installed on the iPhone of San Bernardino shooter Syed Rizwan Farook. Was that the right move?
Vulnerability branding was once a practice that elevated understanding of flaws and potentially led to better remediation, but now serves as little more than marketing for security researchers.
The technology industry has allowed the debate over encryption and "going dark" to get out of hand. But it can start to right that wrong at RSA Conference next week.
Security startup Morphisec has introduced a new approach to defending endpoint devices that turns the tables on attackers. Here's how the company's "moving target defense" technology works.
CES 2016 has come to a close, and once again the mega-trade show had little to offer in terms of information security. Here's why that's bad news.