Information Security

Latest Headlines

Latest Headlines

Target CISO takes over at a time of consumer anger with data breaches

Target's new chief information security officer Brad Maiorino takes the reins of the retailer's IT security program at a time of growing consumer anger at retailers for data breaches.

You can add poor IT security to the list of the VA's woes

Long wait times that may have resulted in patient deaths and poor management at the Department of Veterans Affairs led last week to the resignation of VA Secretary Eric Shinseki. And now, a new report by the VA's Office of the Inspector General says that IT security can be added to the list of the VA's problems.

News Scan: Google violates antitrust laws, suit says; IoT security to prompt IT overhaul;

Check out the hottest mobile IT news for May 2, including the federal antitrust lawsuit brought against Google, how the Internet of Things will change the face of IT security programs, why tablet sales have dropped off in the first quarter, the expected surge in location retail revenues and how carriers plan to increase Wi-Fi access point deployments.

When you go to the board, speak in their language, not yours

BOSTON--When IT security pros brief the executive board, they should use language that senior executives can relate to, such as the impact of security on profits and losses, not language used by the IT security team, James Tarala, senior instructor at the SANS Institute, told an audience at the SANS Senior Security Leadership Summit being held here this week.

Network segregation is the best solution for diverse university environments, say IT pros

Network segregation is the best way to deal with the open environment of the higher education while maintaining IT security, according to a panel of IT security pros from a number of New England universities at the SANS Institute Security Leadership Summit being held here this week.

Federal agencies' failure to protect personal information only getting worse

It seems that federal agencies can't get their acts together in protecting personally identifiable information, such as social security numbers and bank accounts. In fact, the number of information security incidents involving PII has more than doubled over the last four years, according to the latest stats from the Government Accountability Office.

Consumers fed up with data breaches, and the government is listening

High-profile data breaches at Target, Neiman Marcus, and most recently Experian, have received the attention of federal agencies, Congress and state legislatures and state attorneys general. Consumers are fed up with the lax information security approaches of major companies and that unhappiness is being felt in government at all levels.

Don't be the next Target

We can only wonder why Target, which handles millions of credit and debit card transactions every day, did not have a chief information security officer before its massive data breach that resulted in lost customers and profits.

Target did not have CISO to oversee information security prior to massive breach

Like Sony before it, Target did not have a chief information security officer overseeing security prior to its massive data breach that compromised 40 million credit and debit card accounts, and personal information on 70 million more shoppers, in November and December of last year.

Healthcare.gov: Hacked in 4 minutes

It took security researcher David Kennedy four minutes to exploit a security hole in the Healthcare.gov website that could have given him access to personal data on 70,000 people who had signed up with the site, Kennedy tells SecurityWeek.