The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
Budgets are a big issue today for those managing their risk management frameworks, says NIST's Ron Ross, who offers his advice on using cloud as a means to save money and improve IT infrastructure.
CISOs shouldn't be tied too closely to specific guidance and processes when new threats emerge or their organization has suffered a breach, says RSA CISO Eddie Schwartz.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
Two hefty fines issued as part of recent HIPAA settlements reveal that the Office for Civil Rights is getting tougher on enforcing compliance - especially when it comes to risk assessments.
Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.
September is the peak of the Atlantic hurricane season. How should organizations in the potential path of these storms assess preparedness? Alan Berman of the Disaster Recovery Institute advises.
As a result of the recent Apple-Samsung verdict, CISOs at organizations need to be mindful of where their software is being sourced from, says patent attorney Jim Denaro.
In creating its mobile-device policy, the city of Honolulu allows its agency heads to tailor policy to meet their individual needs, Honolulu Chief Information Officer Gordon Bruce says.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
Consumer advocates are praising many of the privacy and security provisions of the final rules for Stage 2 of the HITECH Act EHR incentive program but lamenting some omissions. Find out the details.
The final rules for Stage 2 of the HITECH electronic health record incentive program contain multiple provisions regarding privacy and security. Find out what experts have to say about the merits of the new requirements.
Cyber is part of our everyday lives. Still, in many cases, a natural - or perhaps an unnatural - divide exists between the virtual and physical worlds. This is especially true in the way we deal with crime.
One takeaway from the $1-billion-plus verdict against Android-maker Samsung for infringing Apple patents is that the users of infringed technology also could be held legally liable, patent attorney Jim Denaro says.
Advice from the report, Bring Your Own Device: A Tool Toolkit to Support Federal Agencies Implementing BYOD Programs, is applicable to all types of public and private organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
