Speakers at RSA Conference 2014 said information security incident response teams must identify and prep key participants well before incidents occur.
Target’s CIO resigns after massive data breach (ComputerWeekly.com)
Target’s chief information officer has resigned two-and-a-half months after a data breach impacting about 40 million credit and data debit cards
Attorney Marcia Hofmann says without new data privacy laws, the FBI can strong-arm providers into handing over customers' sensitive data.
US holds hearing on data security (ComputerWeekly.com)
The US House of Representatives subcommittee on Financial Institutions and Consumer Credit is to hold a hearing on data security
Expert Kevin Beaver shares his highlights of RSA Conference 2014 and offers advice on how to apply the knowledge learned at this year's event.
Experts say Microsoft's EMET security tool remains valuable to enterprise security teams if used as one layer in a larger security strategy.
On cloud data security validation, providers offer few promises (SearchCloudSecurity.com)
Until a common cloud provider assessment paradigm is agreed upon, experts say enterprises will be left wanting on cloud data security validation.
Financial services sector attracts most cyber crime, says PwC study (ComputerWeekly.com)
More than a third of financial sector organisations say they have been victims of cyber crime, compared with only 17% in other industries
Sears is undergoing a data breach investigation for an unconfirmed incident, but speculation persists about false positives from the Target breach.
RSA 2014: FBI director promises surveillance with privacy (ComputerWeekly.com)
FBI director James Comey tells RSA Conference 2014 that surveillance is necessary, but promises to ensure privacy
RSA 2014: Microsoft and partners defend botnet disruption (ComputerWeekly.com)
Microsoft and its partners have defended disrupting criminal botnets at RSA Conference 2014
At RSA Conference 2014, HP's Art Gilliland says enterprise security strategy must shift toward smarter spending based on security threat research.
Verizon is touting its largest-ever data set for the 2014 DBIR, but the gap is widening between when breaches happen and when they're discovered.
Security vendors often claim that attackers are unpredictable, but two Verizon DBIR researchers say better data can find recognizable patterns.
Several information security topics emerged as hot topics at RSA 2014. Learn three security topics enterprises should keep on their radar.
Blogger and security pro Kevin Beaver ponders why 'cybersecurity' is gaining traction after Day 2 of the RSA 2014 conference.
Though the 2014 RSA Conference boycott fizzled, RSA, Microsoft and other companies defended themselves against NSA collusion allegations.
At the inaugural TrustyCon event, F-Secure's Mikko Hypponen decried the lack of trust in security vendors like RSA and warned of government malware.
Analysis: What is RSA’s relationship with the NSA? (ComputerWeekly.com)
After RSA 2014, are we any closer to understanding RSA's relationship with the NSA?
Microsoft urges businesses on Windows XP to migrate (ComputerWeekly.com)
Organisations running Windows XP should migrate to a more recent version of the operating system for security reasons, says Microsoft
Researchers delivered their 2014 outlook on cyberthreats at the RSA Conference, highlighting attack techniques and ways to defend against them.
Even with a solid insider threat program in place, an RSA Conference 2014 speaker said good insider threat detection tools are key to success.
RSA 2014: Principles key to digital world, says Microsoft (ComputerWeekly.com)
The world needs to set norms around behaviour in cyber space, says Scott Charney, corporate vice president, Trustworthy Computing Group at Microsoft
Blogger and security pro Kevin Beaver says the opening keynotes at RSA 2014 show that the same information security mistakes happen over and over.
RSA 2014: Coviello rejects rumours of deal with NSA (ComputerWeekly.com)
RSA tackles accusations of NSA collusion and calls for international co-operation on cyber security in the opening keynote of RSA Conference 2014
At the 2014 RSA Conference, a trio of CISOs said that SIEM still has its uses, but when it comes to big data analytics, tools like Splunk are needed.
25 Feb 2014 RSA announces Managed Security Partner programme (ComputerWeekly.com)
RSA has announced a programme designed to enable a new generation of managed security services
In his 2014 RSA Conference keynote, Art Coviello downplayed RSA's relationship with NSA, inferring different NSA groups cause perception problems.
Apple has followed up a recent set of iOS fixes with an urgent patch for OS X, correcting a flaw that enabled man-in-the-middle attacks.
The networking giant unveils a new strategy highlighting Sourcefire technology, including new open source application firewall features for Snort.
Microsoft launches technical preview of Emet 5.0 (ComputerWeekly.com)
Microsoft has launched the technical preview of the latest version of its free enhanced mitigation experience toolkit (Emet)
Standardisation key to future security, say experts (ComputerWeekly.com)
The adoption of security standards to enable automated self-healing systems is key to data protection in future
For BYOD-SaaS security, consider established IT security controls (SearchCloudSecurity.com)
Panelists at the Cloud Security Alliance Summit assert that federated identity and gateways, hardly new technologies, are best for BYOD-SaaS security.
At the 2014 CSA Summit, presidential cybersecurity advisor Richard Clarke said NSA monitoring efforts are negatively affecting U.S. cloud providers.
Apple patched a critical iOS SSL flaw Friday that allows attackers to manipulate SSL/TLS data. The flaw exists in OS X too and has yet to be fixed.
21 Feb 2014 Study: Malicious attacks at hospitals risk patient data, health (SearchNetworking.com)
A study conducted by Norse and SANS Institute says networks and devices at U.S. healthcare organizations are being compromised by malicious attacks.
Both Microsoft and Adobe have issued emergency fixes for active zero-day exploits that bypass the ASLR security mechanism.
Adobe releases second critical security update for Flash Player in three weeks (ComputerWeekly.com)
Adobe has released the second critical security update for its Flash Player plug-in in less than three weeks
An NSA-shaped cloud has hovered over the 2014 RSA Conference for months, but the show's agenda and expected attendance belie dark projections.
Interview: New (ISC)2 board chairman Wim Remes intends to better serve current members and increase the value of the CISSP certification.
Top Security Story
PCI 3.0 special report: The state of payment card compliance SearchSecurity | 07 Nov 2013
Get an in-depth analysis of PCI DSS 3.0, an illustrated history of PCI DSS and insights on the future of enterprise payment card compliance.