South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
Nearly five months after an appellate judge urged an out-of-court resolution, People's United Bank and PATCO Construction have reached a financial settlement in their dispute over wire fraud losses.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
For large-scale organizations, ensuring flexibility is an essential component in developing a mobile device policy, a direction the city of Honolulu took when it created its program.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
Prompted by the WikiLeaks breach, President Obama has issued a memorandum directing federal agencies to implement minimum standards to protect vast amounts of classified data on government computers, networks and systems from insiders.
Organizations that have struggled with risk assessments to comply with PCI-DSS requirements now can take advantage of new guidance. Learn about the latest advice on how to address shortcomings.
A report released by Gov. Nikki Haley says the hacker obtained the password when an employee of the Department of Revenue opened an e-mail containing malicious computer code.
The goal is admirable: Eliminate all traces of online information about an individual if that's what he or she wants. But is the right to be forgotten an impossible dream?
A long-delayed omnibus package of regulations, including modifications to the HIPAA privacy and security rules, remains tied up in government limbo. When might the new rules be released?
David Sherry, CISO of Brown University, sees the security leadership role transitioning completely to risk and governance over the next few years. What challenges will leaders face along the way?
As missiles and bombs do real damage in Israel and Gaza, a veteran Israeli cybersecurity expert, Amichai Shulman, downplays the significance of the assaults waged against Israeli websites, contending any damage has been minimal.
An executive at a bank in New Jersey that was battered by Hurricane Sandy offers lessons learned, including the importance of having a well-tested, detailed business continuity plan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.