2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
"Cybersecurity remains a priority for my administration, and we are committed to protecting our critical infrastructure by taking decisive action against cyberthreats," President Obama says in a proclamation designating December Critical Infrastructure Protection Month.
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?
Authorities in New York have indicted 28 suspects for their alleged connection to a skimming scheme that targeted AmEx cardholders. What did the take-down expose about growing innovations in insider fraud?
A wave of security breaches serves as a catalyst for all types of organizations to assess the need for cyber insurance. Here's the story of one institution that saw the threat and took out a $10 million policy.
Too many of today's firewalls are out of date and opening organizations to unacceptable business risks, says Chris King of Palo Alto Networks.
So, how do we quickly get to the next-generation firewall - and what are the key qualities it will need to embrace?
In an interview about the future of firewalls, King...
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.