On the record, security experts talk about the improvements banking institutions have made in DDoS defense, and there's no doubt they have made major improvements. Off the record, they are less optimistic.
The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
U.S. banks have been hit by a new wave of distributed-denial-of-service attacks, and experts say the botnet behind the attacks is getting stronger. Learn about the latest developments.
We are no longer facing a global IT security staffing shortage - it's a full-blown crisis. This is the conclusion of new research conducted by (ISC)². Julie Peeler and Bruce Murphy offer insight.
The National Initiative for Cybersecurity Careers and Studies leverages efforts of government, industry and academia to provide a comprehensive, single resource to address the nation's cybersecurity knowledge needs.
Malware, DDoS and mobile security aside, one of the biggest risks is organizations' lack of visibility into specific threats. Don Gray of Solutionary explains the need for actionable threat intelligence.
Security leaders have a firm grasp on their technology controls and processes as they continue into 2013. It's addressing the vulnerabilities in people that remains the outstanding challenge of the year.
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
It isn't just a staffing shortage that stops organizations from building cyberteams. It's a skills crisis, says SANS Institute founder Alan Paller, who tells why now is the ideal time to fill top roles with qualified professionals.
"This is our life for the future," DHS's Mark Weatherford says. "Bad guys are figuring out that they can create this kind of havoc at almost [no] cost for themselves. It is more than just a distraction; it is now the way we operate."
The key to effective breach response is to not take a one-size-fits-all approach, says attorney Ronald Raether, who outlines top strategies organizations should consider when dealing with an incident.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
In the rush to allow personal devices to be used for work, we in application security neglected to examine thoroughly the new risks external applications may introduce to our organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.