The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Why is the National Institute of Standards and Technology developing new cybersecurity standards based on the same principles engineers use to build bridges and jetliners? NIST's Ron Ross explains.
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
What can banking institutions expect when examiners come calling to conduct their new cybersecurity risk assessments? Security experts share insights from institutions that have gone through the process.
In the same week that the new National Security Agency director spoke measuredly about the cybersecurity threat, his predecessor sounded the alarm about the calamitous dangers lurking in cyberspace.
Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'
The FFIEC has started its cybersecurity assessment pilot program, which will examine more than 500 community institutions. The council has also launched a Web page dedicated to cybersecurity.
The U.S. federal government's top telecommunications regulator is proposing a "new regulatory paradigm" by calling on communications providers to step up and assume new responsibilities to manage cyber-risks.
A new Bank of England cybersecurity risk framework proves how forward-thinking U.K. regulators are when it comes to cybersecurity, says Gartner's Avivah Litan. Learn what security experts say the U.S. can learn from British effort.
A new voluntary cybersecurity framework from the Bank of England is designed to help financial institutions in the U.K. identify vulnerable areas that could be exploited by a cyber-attack. Find out the details of the new program.
We've been talking about shifting away from legacy mag-stripe technology and a move toward EMV chip cards for the last decade in the U.S. So is it too late, or is there still hope for EMV?
The Department of Homeland Security hasn't done enough to secure the IT systems that manage American ports, which could restrict the flow of commerce, Congressional auditors say in a new report.
New guidance from NIST is aimed at helping federal agencies transition from a 14-year-old requirement to a new process that will assure continuously the security of their IT systems.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
The Government Accountability Office has confirmed it will conduct "complete and continuous end-to-end testing" of the security of the Obamacare HealthCare.gov website and systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.