The Latest News

  • Risk Management Requires Innovation

    Part 2: Professionals Thinking Outside of the Box Risk Management Requires Innovation

    Risk-management professionals must think outside of the box in terms of innovation, research and development and partnerships. Read more...

  • Verisign Breached Several Times in 2010

    Company: Data Accessed, But Net Root Name Servers Unaffected Verisign Breached Several Times in 2010

    Verisign, operator of two of the 13 root name servers that route traffic on the Internet, has revealed that outsiders attacked its computer network several times in 2010, but top management did not learn of the incidents until September 2011. Read more...

  • 7 Steps to Handle Security Incidents

    New NIST Guidance Targets Computer Incident Response 7 Steps to Handle Security Incidents

    Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program. Read more...

  • House Panel Approves Cybersecurity Bill

    The Precise Act Gives Lead Role to DHS on Non-Defense IT Security House Panel Approves Cybersecurity Bill

    Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama. Read more...

  • No Opt Out for Opt Out

    Understanding the Merits of Google's New Privacy Policy No Opt Out for Opt Out

    The uproar over Google's latest privacy policy is much ado about nothing, especially the cry from some in Congress that the Internet company won't allow users to opt out of its new policy. Read more...

  • Blog

    Verisign Must Reveal More about Breaches

    Transparency Will Help Verisign Gain Stakeholder Trust By Eric Chabrow
    Verisign Must Reveal More about Breaches

    Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.

  • Article

    4 Types of Insiders Who Threaten IT

    CERT Report Identifies Insider Patterns By Jeffrey Roman
    4 Types of Insiders Who Threaten IT

    Although insider-threat incidents within organizations tend to be different case-by-case, says Carnegie Mellon University's Dawn Cappelli, there are similarities and patterns that organizations can look for when mitigating their risks. What are some of the common characteristics among insiders, and how can...

  • Blog

    $30 Billion: Money Well Spent?

    Movement to EHRs Could Fail if Public Trust Lacking By Howard Anderson
    $30 Billion: Money Well Spent?

    Building public trust that electronic health records will remain private is essential to the success of federally funded efforts to boost EHRs and health information exchange.

  • Article

    New Guidance on Payments Processing

    FDIC Stresses Due Diligence, Transaction Monitoring By Tracy Kitten
    New Guidance on Payments Processing

    The FDIC has issued revised guidance describing potential risks associated with relationships to third-party payment processors. What are regulators' new risk-management expectations of banks?

  • Blog

    911 Broadcasts: A Privacy Invasion?

    Why Recordings of Emergency Calls Need to Stay Private By Howard Anderson
    911 Broadcasts: A Privacy Invasion?

    The extensive news media coverage of a 911 emergency call about actress Demi Moore is calling attention to an important issue: The need to protect privacy.

More news...

Featured Interviews

  • After a Breach: 3 Lessons

    Limiting Data Collection, Storage Common After an Incident After a Breach: 3 Lessons

    Organizations that have been breached say they now limit the amount of personal information collected, a new survey shows. See what other key lessons these organizations have learned.

  • Elements of a Social Media Policy

    Make it About What People Can Do, Not What They Can't Elements of a Social Media Policy

    You know your company's social media policy is a good one when it starts sounding less like a checklist and more like common sense, says Sherrie Madia, social media expert and author.

More interviews...

Webinars

  • Risk Management Framework: Learn from NIST

    Cyber threats can destroy any organization or its reputation, and recent incidents prove they can come from anywhere - malware in a security vendor's e-mail attachment, a lost laptop with critical...

  • Legal Considerations About Cloud Computing

    Cloud computing is among the hottest topics in both the private and public sectors. Business and technology leaders are enamored with the notion of accessing virtualized resources via the Internet....

More webinars...

White Papers

More whitepapers...
ARTICLE Human Element of Info Risk Management

People, as much as anything else, are a critical aspect of information risk management, and...

Latest Tweets and Mentions

ARTICLE Human Element of Info Risk Management

People, as much as anything else, are a critical aspect of information risk management, and...

The ISMG Network

prev next