We all know that relying on a simple user ID and password combination is fraught with peril. One alternative is to use one of the single sign-on solutions we reviewed last year, but there are less expensive options that could also be easier to install.

When the moderator of a panel discussion at the recent RSA conference asked the audience how many thought their risk management programs were successful, only a handful raised their hands. So Network World Editor in Chief John Dix asked two of the experts on that panel to hash out in an email exchange why these programs don't tend to work.

Specialty retailer Genesco faces an uphill battle in its precedent-setting US$13.3 million lawsuit against Visa USA, a Garner analyst said.

Corporate endpoints are under attack from cybercriminals who have developed ingenious and effective methods for installing malware on endpoints that can steal control from the end user, and there is no indication these attacks will slow down anytime soon. One reason: popular defensive technologies have provided some protection against the most blatant attacks, but have had little impact against more advanced threats. A new approach to endpoint protection is desperately needed.

Identity theft has been the top consumer complaint to the Federal Trade Commission now for 13 years running.

RSA, the security division of EMC, kicks off its annual security conference on IT security today with a pitch to establish its new Big Data Security and risk-governance products as a foundation for security operations centers. And RSA says it'll send in its security professionals to help set them up, too.

The US Department of Veterans Affairs has begun installing millions of sensors on just about anything that costs more than $US50.

Guidance Software today said its computer forensics tool is now capable of automated collection of data on endpoint devices, including computers and smartphones, based on a security information and event management (SIEM) alert.

Three decades into the digital revolution, passwords are still complicated, ineffective and a drain on IT's resources. What gives?