The certificate authority system is flawed. It's like the Wild West, disjointed and unregulated, where no enforcement exists for standardized accountability.
Information security poses a major challenge to the widespread adoption of cloud computing, yet the Cloud Security Alliance, an association of cloud stakeholders, sees the cloud as a provider of information security services.
Merging government agencies responsible for physical and information security into a single operation makes sense, says Michigan's new chief security officer, Dan Lohrmann. After all, he says, the same technologies used to allow entry to a building also can be deployed to permit access to a sensitive database.
Mobile apps and smartphone security are increasing global concerns. But Dr. Giles Hogben of ENISA says mobile malware mania is a bit overhyped, since mobile is actually more secure than most other platforms currently on the market.
The breach earlier this month of certificate authority DigiNotar could prove to be the worst security event ever to happen on the Internet because it threatens, at its core, a fundamental principle of Internet transactions - economic and social - trust.
"It's important, in that climate today, where we have very sophisticated cyberattacks taking place, to have the ability to do a fairly comprehensive analysis on the threat space," NIST Senior Computer Scientist Ron Ross says.
Michigan CTO Dan Lohrmann will head a new operation to provide state agencies with a single organization charged with the oversight of risk management and security issues associated with state assets, property, systems and networks.
International communication and public-private partnerships are the keys to cybersecurity in the financial space, according to the Department of Homeland Security and the Financial Services - Information Sharing and Analysis Center.
The inability of the Department of Homeland Security to implement appropriate IT and application controls has placed at risk the confidentiality, integrity and availability of DHS's financial and operational data, according to an audit conducted for the department's inspector general.
Intelligence expert Terry Roberts says cyber intelligence, a new approach to IT security, could make significant gains in the coming year. "The good thing is, this isn't really rocket science," says the chair of the Intelligence and National Security Alliance's Cyber Council.
"You need to understand how you are currently using social media in your organization, and how you intend to use it, before you can define policies around social media," says Erika Del Giudice of Crowe Horwath.
The nascent field of cyber intelligence addresses threats that originate anonymously within cyberspace with potentially enormous consequences: physical destruction and economic chaos.
