- Today's Approach to Security is Broken
- Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks
- Fake-police ransomware reaches Australia
- Microsoft confirms HTTP Strict Transport Security for IE 12
- Hackers try to blackmail plastic surgeon after stealing 500,000 patient records
Explosive revelations in the past six months about the U.S. government's massive cyber-spying activities have spooked individuals, rankled politicians and enraged privacy watchdogs, but top IT executives aren't panicking -- yet.
More companies are tackling how to best set up their electronic records to be able to respond to any legal requests related to "electronic discovery" to quickly find internal documents for court purposes, but this "e-discovery" process is still a struggle, a survey published today indicates.
Businesses are in the crosshairs as military and spy organizations around the world step up their cyber-snooping techniques, and the shift to cloud is only exacerbating the risks. How can you be sure your cloud partner is capable of protecting your data from cyberattacks?
The Payment Card Industry (PCI) Security Standards Council today issued guidelines on how businesses storing, processing or transmitting payment-card information should look at doing an annual risk assessment.
Tired of regulators from three or four federal agencies auditing your network security compliance every year? A congressional task force recommends a super-standard that would cut the number of annual audits back to just one.
Revelations over the U.S. National Security Agency's Prism surveillance program have much of the general public in uproar, but in terms of the controversy's impact to enterprise IT, some CIOs have measured, albeit watchful reactions.
Sign up now »
Automate business-continuity and disaster-recovery planning and enable crisis management in one solution.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.