Ohio is relatively new to enterprise information security, and according to David Shaw, the state's chief information security officer, there is still much to do to ensure that all the agencies' critical infrastructure is protected.
Rep. Mary Bono Mack, at left in photo, wants security provider McAfee to brief the House subcommittee she chairs on its report of cyberattacks waged against governments and global businesses for more than five years it labels Shady RAT.
People's view of cybersecurity will need to broaden over the next few years, says IT expert Robert Brammer. That's why a consortium has been established to conduct research on the security of computer systems, as well as other areas where computerization has excelled.
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
"We appear to be asking DHS to take on new cybersecurity roles and missions while it is establishing its basic core competencies," Melissa Hathaway says. "Is this reasonable? Do we want DHS to become a first party regulator?"
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?