Stories by Thor Olavsrud

Most Data Breaches Caused by Human Error, System Glitches

By Thor Olavsrud | 17 June, 2013 18:13

When it comes to data breaches, hackers and organized crime garner most of the headlines, but most data breaches are caused by human errors and system glitches--application failures, inadvertent data dumps, logic errors in data transfer and more. As a result, educating your employees and making sure they're not cutting corners is a big component in preventing data breaches.

Social Sites Beat Retailers and Banks for Consumer Protection and Privacy

By Thor Olavsrud | 10 June, 2013 16:43

For the second year in a row, social media sites (including gaming and dating sites) are leading the way in consumer security and privacy protections, beating out Internet retailers and banks, according to an annual comprehensive audit by the Online Trust Alliance (OTA).

CISOs Must Engage the Board About Information Security

By Thor Olavsrud | 31 May, 2013 16:38 | 1 Comment

Your organization will come under attack. It's not a matter of "if." It's a matter of "when." And security is no longer simply an operational concern. As technology has become the central component of nearly all business processes, security has become a business concern. As a result, information security should sit firmly on the boardroom agenda.

Signature-Based Endpoint Security on Its Way Out

By Thor Olavsrud | 29 May, 2013 14:32

Signature-based blacklisting security technologies are losing the battle against malware, says McAfee, which has streamlined its endpoint security offerings to two suites that it says provide next-generation security for all endpoints, whether PCs, tablets or ATMs.

PayPal says it's time to ditch passwords and PINs

By Thor Olavsrud | 09 May, 2013 20:28

PayPal CISO Michael Barrett took the keynote stage at Interop to announce the impending death of passwords and their replacement with more robust authentication protocols based on an open standard. Apple may lead the way with its next iPhone.

Splunk Adds Statistical Analysis to Enterprise Security App

By Thor Olavsrud | 30 April, 2013 21:08

Analysis of machine-generated data can play an important role in a sophisticated layered defense for your data and systems, but getting there can be challenging even with advanced intelligence platforms.

AP Twitter Hijacking Proves Need for Better Authentication, Encryption

By Thor Olavsrud | 23 April, 2013 21:37

The Associated Press's Twitter account was hijacked this afternoon and used to tweet a false message that reported two explosions at the White House had left U.S. President Barack Obama injured. One security expert says the incident underscores the need to adopt out-of-band two-factor authentication and keystroke encryption.

How your authentication scheme could hurt your business

By Thor Olavsrud | 17 April, 2013 19:30

Consumers often fail to perform transactions online due to authentication failure. But while they struggle, they also distrust websites with weak authentication procedures.

4 Mobile Security Predictions to Help CIOs Plan for the Future

By Thor Olavsrud | 15 April, 2013 14:24

Few things can keep CIOs up at night these days like mobility, particularly bring your own device (BYOD). After all, mobile, consumerization of IT and bring-your-own-device (BYOD) are turning enterprise security models on their heads. Privacy implications--let alone the potential for data loss and data leakage--are enough to make a CIO break out in a cold sweat.

IT Concerns About Targeted Malware Rising

By Thor Olavsrud | 28 March, 2013 13:30

IT and security professionals are increasingly concerned about targeted malware and data breaches. What's worse is that their confidence in their ability to identify and stop them is waning.

Aggressive Mobility Plans Bring Risks, But the Rewards Are High

By Thor Olavsrud | 08 March, 2013 16:41

Mobility is a top-of-mind concern for a majority of CIOs today. Companies that are proactively embracing mobility to transform their businesses are incurring much greater costs associated with mobility incidents, but they are also reaping significant rewards, according to a new study by Symantec.

Digital Certificates Chaos Could Cost Companies $398 Million

By Thor Olavsrud | 04 March, 2013 17:42

Trust. It is the basis of all digital transactions. We trust that our inventory systems are providing the correct information, that the documents we're reading have not been altered, that the entity on the other side of a financial transaction is our bank.

Chinese Government's Link to Cyber Espionage Clearer Than Ever

By Thor Olavsrud | 20 February, 2013 16:09

It's a common belief in the information security world that the Chinese government is behind many of the advanced persistent threats that target companies around the world in an effort to steal their IP and trade secrets. Now one security firm has come forward with years of evidence to link a prolific APT group to a unit inside the Chinese government.

Certificate Authorities Form Group to Educate on SSL Best Practices

By Thor Olavsrud | 15 February, 2013 17:45

Responding to the increasing number of threats aimed at certificate authorities and the ecosystem of trusted online transactions they represent, seven certificate authorities have come together to form an advocacy group to advance security standards and promote best practices.

FIDO Alliance Says, 'Forget Passwords!'

By Thor Olavsrud | 12 February, 2013 19:40

If there's one thing that's become clear in the past several years, according to PayPal CISO Michael Barrett, it's that usernames and passwords--originally conceived in the era of centralized mainframes--have become more of a liability than a protection online.


Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team.

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.


Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.