Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds.
Mega-breaches like those at Target and Sony are good for one thing: they help security departments get greater buy-in and bigger budgets from the powers that be. In the wake of the Target breach, 61 percent of organizations increased their security budgets by an average of 34 percent in 2014, according to a study released today, conducted by the Ponemon Institute on behalf of Identity Finder, LLC.
Nearly half of people aged 16 to 24 foresee the end of passwords and PIN numbers by 2020 as biometric security takes over, according to research by Visa.
The research of 2,000 people revealed that 69 percent of respondents aged between 16 and 24 - dubbed 'Generation Z' - believe it will be easier and faster to use biometric identification than remembering passwords and PIN numbers.
A hacker has detailed a series of tricks that can silently reboot or brick routers or activate admin functions.
Many routers including Netgear and Surfboard models look to be affected, with most attacks requiring just victims' default universal credentials to be applied. Applications security bod Joseph Giron detailed how victims could be knocked offline or routers bricked.
Renowned database security expert David Litchfield discovered the issue last year on a client's system and at first he thought it was a backdoor left behind by an attacker.
"On investigation, it turns out the 'backdoor' is part of a seeded installation!" he said Monday on Twitter. "I was flabbergasted. Still am."
"We see compliance going down day by day, month by month, after the assessment," said Rodolphe Simonetti, managing director for Verizon's compliance consulting. "Compliance is supposed to be supporting security, not just a yearly checklist."
The Payment Card Industry Data Security Standard has 12 main requirements. The most likely to go unmet between audits? The requirement to maintain a firewall and make sure that there is a strong network protection layer, said Simonetti.