Security news aggregator

Latest coverage for Compensation

Discover the latest on compensation in infosec: trends, salary insights, and how it impacts retention and talent in the cybersecurity sector.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Compensation in information security means implementing alternative controls when primary security measures cannot be applied or are insufficient. These compensating controls aim to reduce risk by providing a comparable level of protection, such as using enhanced monitoring or stricter access policies when a technical control like multi-factor authentication is unavailable. They are not permanent fixes but temporary or supplementary measures tailored to specific limitations.

Understanding compensation is critical because relying on weaker or indirect controls can introduce gaps exploitable by attackers if not carefully designed and maintained. Effective compensating controls must be regularly evaluated to ensure they address the exact vulnerabilities left open by missing or failing primary controls. This practice helps maintain security integrity and supports compliance with standards that require risk mitigation even when ideal controls cannot be deployed.

Volume over time

Weekly headline count for the current query.

Showing 10 most recent headlines Filtered view

Critics of South Korea's Coupang Dismiss Offer as Marketing More Than CompensationAfter suffering a data breach that exposed personal data for two-thirds of South Korea' population, online retailer Coupang promised to distribute $1.2 billion in vouchers to "restore customer trust." But critics have accused the move of being more about marketing than true compensation.

Bank Info Security 1 year, 2 months ago

Cryptohack Roundup: KiloEX Offers Compensation

Also, Nike Sued Over Shutdown of NFT SubsidiaryThis week, KiloEX compensation after Oracle exploit, Nike sued over NFT shutdown, SEC dropped probe into PayPal PYUSD, Long Island man sentenced for crypto fraud, Americans lost billions to crypto scams, Loopscale exploiter agreed to return stolen funds and bank regulators softened stance on crypto.

Bank Info Security 1 year, 4 months ago

Australia's Anti-Scams Bill: What's in It for Victims?

Experts Say Consumers Gain Little as Implementation Challenges Loom for FrameworkAustralia's new scams framework bill sets the foundation for industry action but leaves consumers with limited protections. Experts warn that enforcement and reimbursement mechanisms are unclear, forcing victims to navigate a complex system with little guarantee of compensation.

Bank Info Security 1 year, 8 months ago

Cyberstarts Program Sparks Debate Over Ethical Boundaries

Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO CompensationAllegations of conflicts of interest in Cyberstarts’ Sunrise program have sparked debate in the CISO community. While the program connected CISOs with startups for advisory purposes, its profit-sharing incentives drew criticism, leading some participants to resign and the firm to halt compensation.

3 Countries Taking Different Approaches to Accountability and Victim CompensationGovernments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.

Bank Info Security 2 years, 2 months ago

Microsoft Overhauls Security Practices After Major Breaches

Company Plans to Link Executive Compensation to Achieving Security MilestonesThe executive vice president for Microsoft Security has announced an overhaul of the company's security practices following a series of high-profile cyberattacks that allowed foreign state-sponsored hacking groups to access its internal systems and cloud networks.

Bank Info Security 2 years, 3 months ago

Iranian TA450 Group Tries Out New Tactics on Israelis

Proofpoint Researchers Say Beware of Phishing Emails, Embedded Links in PDFsIran-aligned threat actor TA450, also called MuddyWater, is using fake salary, compensation and financial incentive emails to trick Israeli employees at multi-national organizations into clicking malicious links, according to researchers at security firm Proofpoint.

Bank Info Security 2 years, 5 months ago

Hack at Software Services Firm Affects 57,000 BoA Customers

InfoSys McCamish Says Incident Involved BoA's Deferred Compensation Plan CustomersBank of America is notifying more than 57,000 customers that their information, including Social Security numbers, was potentially compromised in a hacking incident last November at Atlanta, Georgia-based insurance software firm InfoSys McCamish. BoA says none of its systems were affected.

Bank Info Security 2 years, 5 months ago

Insurance Broker Notifying 1.5 Million of Health Info Hack

California Firm Said August Attack Affected Clients' DataA California insurance broker that handles employee benefits, workers' compensation and property liability is notifying more than 1.5 million individuals about a ransomware/data exfiltration attack last August that involved health insurance information, passport numbers and Social Security numbers.

Bank Info Security 2 years, 7 months ago

Cryptohack Roundup: Bitzlato Boss Admits to Laundering Money

Also: Judge Accepts Changpeng Zhao Guilty Plea; November's 'Damaging' Hack NumbersThis week, a Bitzlato co-founder pleaded guilty to money laundering charges, a federal judge accepted ex-Binance chief's guilty plea, thieves stole $363M in crypto this November, KyberSwap looks to compensate hack victims, Platypus hackers walked free, and Velodrome and Aerodrome were hacked again.