Many organizations are unaware of the intrusion in their networks until the FBI comes calling. An Inspector General audit found that poor record keeping means some organizations don't hear from the FBI, or hear too late to do anything about it.
Enterprise defenders have a very narrow window of opportunity to detect a compromise before attackers spread out through the network and cause more damage. For nation-state attackers, that breakout time is a handful of hours.
Google's Password Checkup Chrome extension tackles the big problem of password reuse by checking what passwords users are using against a database of compromised credentials.
To help people understand the scope of the data breach and privacy problem, researchers are beginning to look at it through the lens of economics.
The Securities and Exchange Commission’s civil complaint outlining the details of an international insider trading scheme is an object lesson in how cybercriminals can monetize _any_ information, not just customer records or intellectual property.