It's one thing to talk or even plan about "What happens if we are breached?" It's quite another to undertake a true breach exercise. What are the critical elements of such a drill? Author Regina Phelps shares advice from her new book.

The emerging threats posed by cybercrime and evolving banking services, including mobile banking, will be among the focal points of a keynote address by the Information Security Forum's Steve Durbin at ISMG's Fraud & Breach Prevention Summit in Washington May 17-18.

With today's multi-layered attack surface, traditional vulnerability management no longer suffices. Security leaders must embrace a new strategy to help identify and secure true assets at risk. Gautam Aggarwal of Bay Dynamics explains how.

The HHS Office of Civil Rights is gearing up for round two of HIPAA compliance audits. What should security leaders expect, and how should they prepare? David Holtzman of CynergisTek and Geoff Bibby of Zix offer insights and advice.

Establishing new laws and regulations to address privacy and cybersecurity concerns related to the Internet of Things would likely be ineffective, attorney Steven Teppler, who co-chairs an American Bar Association IoT committee, says in an audio interview.

NIST's Ron Ross, in an audio interview, explains new draft guidance that's designed to help technology vendors build secure components that their customers can use to build trustworthy information systems. Ross will be a keynoter at ISMG's Fraud and Breach Prevention Summit in Washington.

The digital banking shift creates great convenience - for the fraudsters, as well as the customers. What can institutions do to reduce their vulnerability to breaches and fraud? Dave Allen of Bottomline Technologies offers advice.

Healthcare entities are increasingly in the crosshairs of attackers who seek to cause business disruption. How can threat intelligence bolster cybersecurity defenses? FireEye's Dan McWhorter offers insight and strategies.

Within the next 20 years, quantum computing could be applied to easily crack current approaches to cryptography, according to the National Institute of Standards and Technology, which already is beginning work on new approaches to encryption that can withstand the power of quantum computing.

The Verizon 2016 Data Breach Investigations report finds malware, ransomware and phishing attacks are more common than ever and creating even more damage. Organizations are continuing to get exploited via vulnerabilities that are months or even years old, forensics expert Laurance Dine explains in this interview.