Missing from the analysis and debate regarding the U.S. government's decision not to prosecute presumptive Democratic Party presidential candidate Hillary Clinton for using a private email server while secretary of state is this simple fact: Secure IT systems aren't tailored to function the way people behave.

Healthcare entities should take several critical steps to minimize the security risks posed by older, legacy medical devices used in their organizations, says medical device cybersecurity expert Kevin Fu.

One of the core values of the cybersecurity framework is to facilitate communication among various stakeholders coming from different technical and managerial backgrounds who must collaborate to build secure IT systems, NIST Program Manager Matt Barrett explains in an interview.

More than 200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability known as Heartbleed, more than two years after the flaw was publicly announced and related patches released, warns security researcher Billy Rios.

Now a Ukraine bank has reported suffering a $10 million hacker heist via fraudulent SWIFT transfers. Also hear about why attackers often use legitimate IT administrator tools, and organizations' growing use of deception technologies and strategies.

Ten years after the launch of the PCI Data Security Standards Council, the key to ensuring ongoing compliance with the PCI Data Security Standard is winning CEO buy-in worldwide, says Stephen Orfei, general manager of the council.

The Dark Overlord selling stolen healthcare databases for bitcoins leads the ISMG Security Report. Also hear about banks' move toward real-time transaction fraud controls and a bipartisan attempt in Congress to tackle the ongoing crypto and "going dark" debates.

In the wake of recent SWIFT-related interbank payment heists, more banks are monitoring transactions for anomalous behavior in an attempt to catch fraud in real time, says Andrew Davies, a fraud prevention expert at core banking services provider Fiserv.

Britain's surprise vote to "Brexit" the European Union leads the ISMG Security Report. Also hear analysis on a cybercrime forum selling remote server access; Comodo being in hot water by saying "let's encrypt"; and why Facebook CEO Mark Zuckerberg covers his webcam with tape.

Achieving international acceptance of PCI-DSS is an ongoing challenge, says Jeremy King, international director of the PCI Security Standards Council, who's working to educate merchants about baseline security that goes far beyond cardholder data protection.