A former federal government CISO dismisses suggestions that IT security can be enhanced by tweaking the processes behind the implementation of the Federal Information Security Management Act. FISMA is badly flawed, he argues, and must be reformed by a new law.
The FTC puts the onus on application developers to protect their organization's sensitive data by mandating the use of "reasonable" data security practices. What does this mandate mean in practice?
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
In the rush to allow personal devices to be used for work, we in application security neglected to examine thoroughly the new risks external applications may introduce to our organizations.
The longtime chief information security officer at the CIA understands the appeal of hacking hackers, but Robert Bigman cautions that such revenge might not be so sweet.
Smaller nation-states have been upping the ante of cyber-attacks for years, and now one has shown us exactly the kind of cyberdestruction that extremist elements are willing and able to conduct, former U.S. National Intelligence Director Mike McConnell writes.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
Recent events such as Superstorm Sandy have brought new attention to the business continuity discipline. As business continuity grows in significance, so does the desire to measure its effectiveness.
The CISO of Beth Israel Deaconess Medical Center calls on the Food and Drug Administration to take bold action to help ensure the security of medical devices, which are vulnerable to malware.
Across the board, the job market in the U.S. is extremely competitive. Yet, fraud examiners are in demand -- and there are some tactics you can use to give yourself an edge when seeking a new job.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
When you and I say 'cloud,' we may think of two very different things, ISACA leader Peter Spier writes. Partly this stems from a lack of common definition on the term. Read on to see how such confusion can be overcome.
As mobile devices become ubiquitous, more precautionary measures are needed to ensure confidentiality. To prevent data breaches, organizations need to take five essential steps.
I don't care how old you are, there will be demand for this kind of talent for the rest of your career. However, if AppSec was easy, the supply of talent would meet the demand. That's not the case.
Job hunting today is a bit like a game. It can be confusing and even a little scary. And if you haven't played in a while, you may be mystified by how the rules and the playground have changed.