The automated version of the IT risk management and governance framework should save project leaders 30 to 60 hours of work over a manual process of building a secure IT system, ISACA President Robert Stroud says.
As the workforce increasingly relies on mobile devices, corporate privacy and security policies aren't keeping pace. And that's leaving a large gap in organizations' breach prevention strategies.
More than 1.5 million DDoS attacks daily are targeting the Bash bug flaws known as Shellshock. Researchers have now discovered a total of four Shellshock vulnerabilities and warn that more may follow.
In a wide-ranging interview, the acclaimed expert on cybersecurity strategy addresses the cyberthreat posed by ISIS and explains why Congress is unlikely to enact significant cybersecurity legislation this year.
Federal regulatory agencies have several activities and resources in the works as the healthcare sector enters year two of a post-HIPAA Omnibus Rule enforcement environment. Find out what's planned.
As news of the Shellshock bug continues to spread, CISOs in all sectors are taking steps to mitigate the risks posed by the vulnerability. Likewise, regulators and industry groups have ramped up dissemination of alerts.
The FDA is ramping up efforts to strengthen the security of medical devices. That includes a collaborative effort to develop a risk assessment framework to identify cybersecurity vulnerabilities and mitigate the risks.
Attackers have exploited the Shellshock vulnerability - a.k.a. Bash bug - to infect at least 700 Linux systems with malware that includes the ability to launch DDoS attacks. Users of Unix systems are vulnerable.
To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.
The social media savvy Islamic State frightens most of the world with its gruesome Internet postings of executions and online recruitment of new Jihadists. But is the terrorist group likely to launch cyber-attacks?
Security experts are warning that millions of systems - Apache servers, Linux and Mac systems, and innumerable Internet of Things devices - may be vulnerable to a flaw in Unix that attackers are already using to gain shell access.
The Consumer Financial Protection Bureau, responding to government auditors, is formalizing a privacy plan that addresses how the federal agency will assess and manage privacy risks and monitor and audit privacy controls, Director Richard Cordray says.
FS-ISAC has teamed up with the Depository Trust and Clearing Corp. to offer software designed to ease cyberthreat information collection and sharing, helping safeguard against cyber-attacks.
What's as disturbing as news of the Chinese hacking U.S. defense contractors' systems is that the contractors failed to notify the military of most of those intrusions because of how they interpreted cyber-intrusion reporting requirements.
Coming on the heels of a Government Accountability Office report identifying HealthCare.gov security flaws, a new report by another watch-dog agency finds some security weaknesses, as well as strengths, in the Obamacare site and systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.