Gary Steele has seen attack methods rapidly evolve over the last five years. But what the CEO of Proofpoint hasn't seen is a comparable evolution in how the security industry responds to attacks.
Spurred, in part, by cloud computing, the amount of federal data finding its way onto computers outside of the government is soaring. To ensure data security, NIST is drafting guidance to standardize safeguards of federal data stored on nonfederal computers.
There is a common perception among organizations that cloud security, especially when using a public cloud model - is a shared responsibility model.
According to one of the largest cloud services provider, Amazon Web Services "...the customer should assume responsibility and management of, but not limited to,...
Defense and security firm BAE Systems is acquiring cloud security provider SilverSky for $232.5 million in a move to strengthen its commercial cybersecurity business. Find out the details of the deal.
The Council of the Inspectors General on Integrity and Efficiency says government data stored on cloud service providers' servers could be at risk because of insufficient enforcement of government rules.
To address the reluctance of federal agencies to move sensitive data to the cloud, the former CISO at the Nuclear Regulatory Commission, Patrick Howard, and his colleague, Michael Rohde, champion a FedRAMP workaround.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
The automated version of the IT risk management and governance framework should save project leaders 30 to 60 hours of work over a manual process of building a secure IT system, ISACA President Robert Stroud says.
Apple's advice to always use strong passwords and two-factor authentication ignores that image hackers are bypassing those controls - and celebrities aren't the only victims. Here's what needs to change.
Enterprise CIOs and CISOs are asking: what does the cloud mean to enterprise security? In today's Everywhere Enterprise, mobile devices outnumber PCs, users are accessing applications and storing data in the cloud, and streaming media and social media are stretching the limits of corporate bandwidth and compliance....
To avoid the corporate equivalent of the recent celebrity photo dump from iCloud, enterprise security managers must add stronger password, encryption and authentication controls to mobile devices.
Some security experts say a thriving celebrity-photo-theft subculture has long been hacking iCloud, employing techniques that bypass strong passwords and Apple's two-factor authentication system.
As a customer, Delaware Chief Security Officer Elayne Starkey has seen the evolution of cloud computing over the past three years to a point where she has more sway over the security terms of cloud services contracts.
With many organizations pushing outsourcing to its limits, regulators and standards bodies (e.g., MAS, OCC, BaFin, FCA, FedRAMP, BITS, NERC, NEI, ISO, PCI Security Council, AICPA, and Cloud Security Alliance) are increasingly putting an emphasis on having a strong and effective supplier risk management framework....
Cloud-based advanced threat protection helps organizations detect sophisticated malware that is able to bypass existing security measures. The key is to start with the premise that the network is already infected, says Seculert's Dudi Matot.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
