The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
To address the reluctance of federal agencies to move sensitive data to the cloud, the former CISO at the Nuclear Regulatory Commission, Patrick Howard, and his colleague, Michael Rohde, champion a FedRAMP workaround.
In a wide-ranging interview, the acclaimed expert on cybersecurity strategy addresses the cyberthreat posed by ISIS and explains why Congress is unlikely to enact significant cybersecurity legislation this year.
To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.
One year after HIPAA Omnibus Rule enforcement began, why do so many healthcare entities and business associates continue to struggle with even the most basic requirements? Security expert Andrew Hicks offers insights.
What's the toughest challenge the U.S. faces when it comes to EMV? Randy Vanderhoof of the EMV Migration Forum points to getting POS software and terminals certified for EMV transactions. Find out what other hurdles he identifies.
If the U.S. military awarded a decoration for hacking, Army Col. Gregory Conti would wear it proudly on his uniform. Hear Conti, director of the Army Cyber Institute, explain why ethical hacking helps drive America's innovation engine.
Recent hacking incidents affecting HealthCare.gov, Community Health Systems and other healthcare organizations illustrate the need to urgently ramp up defenses against emerging cyberthreats, two security experts say.
What steps can organizations take to mitigate insider fraud threats? Michael Theis of Carnegie Mellon, a featured speaker at ISMG's upcoming Fraud Summits in Toronto and London, explains why using data analytics is key.
Amidst a year of high-profile and costly data breaches, what can organizations be doing to help ensure they aren't the next victims? Charley Chell of CA Technologies discusses new authentication solutions.
In an in-depth interview, Adam Sedgewick, the point man for the NIST cybersecurity framework, addresses misconceptions about the guidance, the costs to implement it and its role as a marketplace catalyst.
Canada is considering adopting tougher data security and cybercrime legislation that could serve as a model for other nations, says Claudiu Popa, an information security expert who'll be a panelist at the Fraud Summit Toronto.
What lessons can be learned from recent high-profile breaches? IT security experts John Pescatore of the SANS Institute and Ron Ross of NIST explain how organizations can work to mitigate the new-style data breach threat. Listen to the conversation.