NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
When it comes to cybersecurity in Delaware, Gov. Jack Markell sees his job as being the state's head cheerleader. In an interview, Markell discusses his role and the state's cybersecurity accomplishments.
The PCI Security Standards Council has issued new guidelines on mobile payment acceptance security. What are the key recommendations? The council's Bob Russo and Troy Leach discuss the new guidance.
Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.
The iPhone 5 is coming, and so are a slew of new or upgraded smart phones and tablets. How should security leaders prepare for this new wave of mobility? Malcolm Harkins, CISO of Intel, offers advice.
In creating its mobile-device policy, the city of Honolulu allows its agency heads to tailor policy to meet their individual needs, Honolulu Chief Information Officer Gordon Bruce says.
Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.
Visa's new end-to-end encryption service aims to eliminate payment card data at the merchant level. Eduardo Perez of Visa's Risk Group discusses the security value of this emerging solution.
The information security threat landscape has evolved considerably over the past six years, and it's time that organizations' defenses evolve to match them, says Tom Kellermann of Trend Micro.
William Henley of the FDIC has just returned to banking regulation after a two-year stint working in the private sector. How did his business experience influence his approach to enforcing compliance?
Gauss is the latest malware variant likely connected to nation-states. But Roel Schouwenberg of Kaspersky Lab says Gauss' aim at banking credentials is unique. How should organizations respond?
Too many organizations misunderstand exactly what continuous monitoring is, says Centrify's Matt Hur, who offers insights on how to deploy continuous monitoring solutions for the best results.
To address the security and privacy challenges magnified by the velocity, volume and variety of big data, the Cloud Security Alliance has formed a big data working group. What are the group's objectives?
Which employees are most apt to commit cyberfraud, and how can organizations detect and prevent their crimes? Researcher Randy Trzeciak shares insights and tips from a new insider threat study.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.