Having cyber-responders from various civilian agencies located on the same campus should help foster new ideas to battle threats to critical government and private-sector IT systems, a top administration official says.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
In light of the critical shortage of information security professionals, organizations must strive to become a "center for security excellence" to successfully recruit the specialists they need, says analyst John Oltsik of Enterprise Strategy Group.
Would determining ahead of time which controls should be examined in an information security audit help the federal government - or for that matter, any organization - better identify vulnerabilities across the enterprise?
While many organizations rely on employee training to help mitigate the risks of spear phishing, such efforts are generally ineffective, says Eric Johnson of Vanderbilt University, who explains why a technical solution might be better.
CISOs in Maryland are volunteering to offer small and midsize businesses free advice on a variety of security issues to help them mitigate cyber-attack risks.
The National Institute of Standards and Technology this spring will unveil updated guidance on role-based cybersecurity training, which will help government agencies as well as private businesses to protect information.
To avoid the risk of staff using social media to communicate about patients, healthcare organizations need to offer more secure alternatives, says security and privacy expert Andrew Hicks.
Technology is the biggest challenge to ethics and compliance in organizations today, says Deloitte's Keith Darcy. "We have the capacity to do things before we ever consider the ethical consequences ..."
From new malware to the Target breach, cyber-attacks reached an all-time high in 2013, says Cisco's Annual Security Report. Cyberthreat expert Levi Gundert tells how organizations can regain the advantage in 2014.
Target Corp. is providing $5 million to help fund an effort to educate consumers about the risks of cybercrime. Meanwhile, a group of House Democrats had called for a hearing about the retailer's breach, while two senators have demanded details.
The chairman of the Senate Judiciary Committee has introduced a national data breach notification bill for the fifth time, but its chances of passage remain slim.
As the elected auditor of public accounts in Kentucky, Adam Edelen is on a campaign of sorts to get the Bluegrass State to become the 47th state to enact a data breach notification law.
Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
