John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.
The massive initiative to deploy continuous monitoring at U.S. federal government agencies will be done in phases, with the initial rollout occurring over three years, the Department of Homeland Security's John Streufert says.
As healthcare organizations ramp up HIPAA compliance efforts, they should make far greater use of guidance from the National Institute of Standards and Technology, says security consultant Mac McMillan.
As the federal government ramps up deployment of continuous monitoring, agencies should significantly reduce the time to certify and accredit IT systems and detect vulnerabilities, says the Defense Department's Robert Carey.
Account takeover fraud is growing globally, and it's not just banks that are suffering, says analyst Julie Conroy. Here, Conroy explains why fraudsters continually have the upper hand.
Many banking institutions have done a poor job of addressing call-center fraud, says IDC analyst Jerry Silva, who offers tips on addressing the challenge of balancing customer service with security.
Gartner analyst Avivah Litan says fraudsters are using DDoS attacks as a distraction for a new, extremely effective account takeover scheme. How should institutions respond to this emerging threat?
Because big data brings significant benefits - and risks - CEOs and boards of directors must take charge of developing privacy protection policies, ISACA International Vice President Jeff Spivey says.
Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of General Dynamics Fidelis Cybersecurity Solutions. He offers tips for harnessing the right skills and technology.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
As new state health insurance exchanges gear up for open enrollment Oct. 1, privacy expert Chris Rasmussen asks whether regulators will miss the deadline for a risk analysis of a key data services hub.
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
The old saw of a blind squirrel fortuitously finding an acorn reminds the Atlantic Council's Jason Healey of cyber-assailants from third-rate cyber-power Iran, believed to be behind DDoS attacks on U.S. banks.
It's time to start thinking about the next wave of DDoS attacks, says Neustar's Rodney Joffe. And it's time for other critical infrastructure industries - not just banks - to assess their risks.
Organizations won't effectively share cyberthreat intelligence until they have more efficient ways of gathering and prioritizing data, says EMC's Kathleen Moriarty, author of a new report about information sharing weaknesses....
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.