Leon Rodriguez, formerly chief of staff and deputy assistant attorney general for the Department of Justice Civil Rights Division, is the new director of the Department of Health and Human Services' Office for Civil Rights.
Provisions in legislation introduced by Sen. Richard Blumenthal, D-Conn., target companies that store online data for more than 10,000 people to assure their customers' personally identifiable information is protected.
A repentant SparkyBlaze wants to go legit, leaving behind the hacktivism he helped foster as a member of Anonymous and start a career in the U.S. as a ethical hacker. As proof, he's offering advice to protect IT from hackers.
Facial recognition technology could prove to be an effective way to authenticate individuals seeking entry to secured buildings or databases storing sensitive information. But the biometric technology already is being abused, and IT security managers employing facial recognition should be careful to encrypt the...
This white paper details solutions designed for government agencies that provide the visibility, control and automation needed to support asset management across the IT asset life cycle, planning, acquisition, management and disposition of software, hardware and related licenses.
The result is lower asset costs,...
Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
"Consumer notification is often hampered by the fact that companies must first determine their obligations under 47 different state regimes," says Rep. Mary Bono Mack, R-Calif., the subcommittee's chair and bill's sponsor.
NIST's Ron Ross points out that its seminal security control guidance, Special Publication 800-53, contains only one privacy control, requiring agencies to conduct a privacy impact assessment. That will change by year's end.