Revised guidance from the National Institute of Standards and Technology, SP 800-63-1, could help organizations protect themselves from a growing threat to their information assets: the insider.
The launching of a virtual U.S. embassy in Tehran, like the real one the U.S. maintained in Iran 32 years ago, fell victim to an attack this past week.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Vulnerabilities in applications developed for the Commonwealth of Pennsylvania contributed to a major security breach a few years back, one that state CISO Erik Avakian does not want repeated.
The draft legislation would have the Department of Homeland Security conduct risk assessments on critical national IT systems and lead efforts to adopt use of new technologies and practices to keep pace with emerging cyberthreats.
Understanding the definition is merely the beginning. Helping determine the role government should have over the critical infrastructure is something that shouldn't be left solely to lawmakers.
What's really scary, beyond the obvious, is the risk this hidden software poses to organizations trying to protect the security of their data and the privacy of their employees.
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
"Cybersecurity remains a priority for my administration, and we are committed to protecting our critical infrastructure by taking decisive action against cyberthreats," President Obama says in a proclamation designating December Critical Infrastructure Protection Month.
Legislation to give the federal government authority to share classified cyber-threat information with approved American companies was introduced in the Congress by the chairman and ranking member of the House Intelligence Committee.
We all know the online shopping risks consumers face on CyberMonday. But how does the BYOD mobile computing trend impact risks to organizations from their own employees shopping on the job?
NICE's Ernest McDuffie says a proposed cybersecurity workforce framework represents a consensus of government thought on how best to define the jobs, skills and tasks needed to secure information technology.
The arrest of six international suspects is being touted as one of the biggest Internet crime takedowns in history. But how much of a deterrent will Operation Ghost Click be for other cybercriminals?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.