The Latest News

  • Senate Approves USA Freedom Act

    Legislation Would End NSA Bulk Collection of Phone Data Senate Approves USA Freedom Act
    Senate Majority Leader Mitch McConnell failed to amend USA Freedom Act.

    The USA Freedom Act, House-passed legislation that would restrict the way the National Security Agency collects information about Americans' telephone calls, has passed the Senate and is heading to the White House for President Obama's signature. Read more...

  • Controls Might Have Averted IRS Breach

    IG Tells Senate Panel IRS Failed to Implement Recommendations Controls Might Have Averted IRS Breach
    IRS Commissioner John Koskinen and IG Russell George testify.

    Inspector General Russell George says hackers would have had a tougher time breaching the IRS "Get Transcript" system if the agency had implemented IG recommendations, but he stops short of saying the safeguards would have prevented the hack. Read more...

  • NIST Creating a Privacy Risk Framework

    Objectives: Predictability, Manageability, 'Disassociability' NIST Creating a Privacy Risk Framework

    In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework. Read more...

  • Senate Set to Vote on USA Freedom Act

    Procedural Move by Rand Paul Delays Action Senate Set to Vote on USA Freedom Act
    Sen. Rand Paul speaks on the Senate floor.

    The Senate has moved closer to approving the USA Freedom Act, with a vote expected in the coming days on the House-passed legislation to provide for surveillance of Americans' phone records with approval of a court order. Read more...

  • IRS Authentication Method Criticized

    Breach Probe Widens; Russian Gangs Suspected IRS Authentication Method Criticized

    The method the Internal Revenue Service used to authenticate users, which failed to keep sophisticated hackers from breaching a taxpayer-facing system, has been widely criticized by cybersecurity experts. Read more...

  • Article

    Two Sentenced in HIPAA Criminal Case

    Charges Stem from Case Involving Kidnapping, Drug Trafficking By Marianne Kolbasuk McGee
    Two Sentenced in HIPAA Criminal Case

    In a case also involving kidnapping and drug conspiracy, two individuals - a former hospital worker and a convicted drug trafficker - have been sentenced to prison for HIPAA privacy violations. Learn who received the maximum sentence.

  • Interview

    Warning: Security Alert Overload

    Expert Says Warnings and Alert Messages Are Failing Us By Mathew J. Schwartz
    Warning: Security Alert Overload

    Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.

  • Blog

    How VA Keeps Medical Devices 'Clean'

    CIO Offers Best Practices for Securing Devices By Marianne Kolbasuk McGee
    How VA Keeps Medical Devices 'Clean'

    In the wake of recent alerts about infusion pump security vulnerabilities, now's a good time for all healthcare organizations to reassess their basic practices for keeping medical devices secure and safe. Check out what the VA is doing.

  • Blog

    The Internet of Buggy Things

    It's Time to Patch or Pitch Vulnerable Devices By Mathew Schwartz
    The Internet of Buggy Things

    It's no surprise that virus-wielding hackers are exploiting Internet of Things devices. Blame too many device manufacturers rushing products to market, skimping on secure development practices and failing to audit the third-party code they use.

  • Interview

    Manhattan Project for Cybersecurity R&D

    Employing ISAO to Get Researchers to Collaborate By Eric Chabrow
    Manhattan Project for Cybersecurity R&D

    Citing as inspiration the Manhattan Project, in which the United States developed the atomic bomb during World War II, Sam Visner is leading an effort to get cybersecurity researchers to collaborate in developing new ways to defend cyberspace.

More news...

Webinars

  • PREMIUM MEMBER EXCLUSIVE

    The Nitty Gritty of Sandbox Evasion

    Security vendors have reacted by selling sandboxes where malware is executed and malicious behavior observed. However, attackers have raised the bar and deployed numerous methods to bypass sandboxes...

  • How to Implement the NIST Cybersecurity Framework Using COBIT 5

    Get an introduction to the NIST Cybersecurity Framework (CSF) and ISACA's forthcoming CSF Implementation Guide. Learn how organizations can successfully implement CSF using the globally recognized...

More webinars...

White Papers

  • An EMM Checklist for CIO's

    As you decide on an Enterprise Mobility Management (EMM) solution, there are dozens, if not hundreds, of factors to weigh. Comparing features across three or four shortlisted solutions can become...

  • Beyond BYOD: How Businesses Might Cope with Mobility

    There has been a lot of hype around the Bring Your Own Device (BYOD) trend over the last few years. Regulatory and legal compliance issues, concerns over privacy, costs and the difficulties of...

More whitepapers...
ARTICLE Limiting 'Intrusion Software' Exports

A U.S. Department of Commerce proposal to restrict the export of so-called "intrusion software" to...

Latest Tweets and Mentions

ARTICLE Limiting 'Intrusion Software' Exports

A U.S. Department of Commerce proposal to restrict the export of so-called "intrusion software" to...

The ISMG Network