In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.
The White House cybersecurity coordinator says his comment about his lack of tech expertise being an asset, widely criticized in the blogosphere, was an awkward attempt to express his view that a wide range of skills are needed in the cybersecurity field.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Yet another California healthcare breach-related lawsuit - this one involving Alere Home Monitoring - has been dismissed because of the lack of proof that anyone actually viewed data stored on an unencrypted computer device that was stolen.
As the IT security workforce reaches a record high in the United States, what does that workforce look like? It remains overwhelmingly white and male. Here's an explanation of the latest employment statistics.
Criminals have infected at least 50 ATMs in Eastern Europe, including Russia, with malware, dispensing millions of dollars in cash directly to money mules. Interpol warns such attacks could spread worldwide.
Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.
Twitter is suing the federal government, seeking to pave the way to publish its transparency report that documents the government's requests for user information.
The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
Prompted by Heartbleed and other vulnerabilities, the White House is giving the Department of Homeland Security authority to conduct regular and proactive scans of federal civilian agency networks.
Top government leaders express high confidence in the security of state IT systems, which could explain why chief information security officers don't feel they're getting enough money to build stronger IT security.
"Selling spyware is not just reprehensible, it's a crime," says a U.S. Justice Department official. So why are 245 local U.S. law enforcement agencies and prosecutors giving spyware away for free?
The Food and Drug Administration has issued final guidance calling for manufacturers to consider cybersecurity risks as part of the design and development of medical devices. Find out what the agency recommends.
To address the reluctance of federal agencies to move sensitive data to the cloud, the former CISO at the Nuclear Regulatory Commission, Patrick Howard, and his colleague, Michael Rohde, champion a FedRAMP workaround.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.