With automation and the increasing economic feasibility of launching targeted attacks on a small scale, tier-II and III organizations housing data need to start getting concerned, says Gartner's Ahlm.

Four years after the FFIEC issued its updated authentication guidance, many banking institutions say account takeover losses have gone up, a new survey shows. John LaCour of PhishLabs explains why institutions' reactive approach to fraud is failing.

More hackers are exploiting remote-access and network vulnerabilities, rather than installing malware to invade networks and exfiltrate data, says Dell SecureWorks' researcher Phil Burdette. That's why conventional breach-detection tools aren't catching the intrusions.

Government agencies used to be the top attack target, as well as the top source of threat intelligence. How did the private sector turn the tables, and what can government do to improve? Rapid7's Wade Woolwine offers insight.

Cybersecurity adviser Patricia Titus, a former CISO, says too many women are leaving the information security field for jobs with less pressure and more work schedule flexibility. So she urges organizations to offer more incentives to attract and retain women in the field.

If malware infections and data breaches are inevitable, then why should organizations even try to be proactive? Isn't a reactive stance more appropriate? Not so, says Marcin Kleczynski, CEO of Malwarebytes.

When it comes to healthcare payments, fraud tends to come in two flavors: Organized and opportunistic. What are the biggest gaps in detecting and preventing these schemes? IBM's Robert McGinley shares insight.

The bad news is that the new KeyRaider malware has so far compromised more than 225,000 Apple accounts worldwide. The good news, according to Ryan Olson of Palo Alto Networks, is that only modified, or "jailbroken," ioS devices are at risk.

Underground cybercrime forums continue to evolve, offering services ranging from cybercrime toolkits and money laundering to bulletproof hosting and a service that reviews exfiltrated data for corporate secrets, says cybersecurity analyst Tom Kellermann of Trend Micro.

Although EMV is a far more secure payments technology, it can be exploited for fraud if it's improperly implemented, warns Gartner analyst Avivah Litan. What security lessons must be learned from past EMV deployments?