The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.
Many organizations are considering migrating from proprietary technologies to those based on free, industry-wide standards. This will not only carve out IT costs, but also help scale your IT ecosystem and potentially improve performance. To better understand the customer migration experience, the Harvard Research...
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
A focus on cost and speed, not on data protection, creates a security hole, a survey of cloud computing service providers reveals. Nearly two-thirds of providers say they aren't confident cloud apps are sufficiently secured.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.
"It is the biggest breach we have ever seen; and to say no financial information has been stolen is, well, understating the massive breach and concern," says Neil Schwartzman, founder and chief security specialist at CASL Consulting.
What's behind the sharp rise in projected spending? Increased reliance on the Internet, networked systems and connectivity creates opportunities for cyber attackers to disrupt government operations, market researcher Input says.
"The first question they are going to ask the external provider is: 'What kind of procedures will you follow for physically securing the servers, for assuring the authenticity of the log-in, for security of the data during transit to and from your site?'" IBM's Dave McQueeney says.