After the OPM breach, the U.S. and China recently agreed to hammer out a cyber "code of conduct." But John Pescatore, a director at the SANS Institute, argues that governments would be better served by first jointly combating cybercrime.

The OPM breach is not just the biggest in U.S. government history. It's also likely a classic case of third-party risk management, says Jacob Olcott of BitSight Technologies. What are the key lessons to be learned?

Gordon Werkema, who is leading the Federal Reserve's initiative to revamp the U.S. payments infrastructure, describes his security priorities as the move to faster payments progresses.

A new alert from the FS-ISAC warns merchants and banks that remote-access attacks against POS systems continue to rise and offers risk mitigation recommendations. The center's Charles Bretz provides an analysis.

PCI-DSS will remain a viable standard even after EMV, as well as encryption and tokenization, become more common, argues Jeremy King of the PCI Council. He acknowledges, however, that the standard will have to evolve in light of changes in the payment system.

OpenDNS's Andrew Hay sees danger confronting many enterprises in the era of the "Internet of Things" as Internet-ready consumer devices, not architected for security, find their way onto corporate networks, often unbeknown to administrators.

The FFIEC has released its much-anticipated Cybersecurity Assessment Tool. Hear why banking regulator Tim Segerson believes the tool is expected to be rolled into regulatory examinations by summer of 2016.

The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.

Organizations that want to protect sensitive data first need to know where it is. But outside of military and government realms, few employees know how to manually classify data, or have an incentive to do so, says TITUS CTO Stephane Charbonneau.

With the rise in awareness of visual security threats and the advent in open plan office environments, protecting data inside the organization is a growing concern, says Ben Rooney, a marketing executive at 3M.