Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.
Creating a culture of security within an organization may be on CISOs' wish lists, but it's often hard to educate and spread that message, says Justin Somaini, chief information security officer at Yahoo.
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
Various committees in both houses claim jurisdiction over different aspects of IT security, and intra-house squabbling can cause a bill to get lost on its way to becoming law, says Purdue University's Eugene Spafford, who closely follows the progress of cybersecurity legislation.
The PCI Security Standards Council's new guidance for tokenization offers clarification and recommendations for merchants struggling to determine which tokenization solution is best, especially where compliance with the Payment Card Industry Data Security Standard is concerned.
The team at the European Network and Information Security Agency identified 50 security threats that exist within the new web standards and sent recommendations for how they should be addressed to W3C.
"The more that you could focus in on computer science topics, to understand programming, network-based technology and mobile-based technology, the better off you're going to be," says Rob Lee of SANS Institute.
In the age of high-profile attacks, such as a distributed denial-of-service attack against South Korean websites, organizations are shifting their focus in terms of cybersecurity, McAfee CTO/Public Sector Phyllis Schneck says.
Phishing e-mails purporting to be from the Internal Revenue Service are reportedly targeting consumers with claims that tax accounts have been locked and require immediate action to reopen.
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
"There are still a lot of inexperienced people out there that are passing themselves off as experts," says Scott Laliberte, managing director of Protiviti, outlining the common challenges of penetration testing.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
Encryption is evolving in terms of its role against the current threat landscape. And with the onslaught of advanced persistent threats, encryption stands out as a top contender in mitigating the risks.
For John Colley, managing director of (ISC)2 in EMEA, ethics need to be addressed more frequently in the workplace. Organizations can no longer assume information is legitimate or has been gained through ethical means.
In social media policies, organizations are putting too much emphasis on what not to do, as opposed to how to navigate the space effectively, says social media expert Sherrie Madia.
The cyber threat landscape is more widespread than ever before, and cybersecurity professionals are needed in all sectors, from government to private industry, says Dickie George of the National Security Agency.