Washington has become the third state to pass legislation incorporating the Payment Card Industry Data Security Standard (PCI) to help financial institutions recover costs from credit/debit card breaches.
As Congress returns from its spring break this week, it will have six notable cybersecurity bills - perhaps one more - to consider before summer rolls around and legislators focus more on getting reelected than lawmaking.
Guidance on how organizations should protect the confidentiality of personal identifiable information, SP 800-122: Guide to Protecting the Confidentiality of Personally Identifiable Information, or PII, has been issued by the National Institute of Standards and Technology.
A group of experts assembled by the National Institute of Standards and Technology and National Security Agency has reached a consensus on the definition of the term privilege management, which describes a set of processes for managing the data, attributes and policies in particular that determine a user's access...
New legislation, figuratively speaking, would create a U.S. ambassador to cyberspace. The measure, in reality, would establish an ambassador-at-large post to engage foreign nations in securing digital networks worldwide.
The federal government could be doing a better job in implementing two key information security initiatives, the Federal Desktop Core Configuration and Trusted Internet Connection, the General Accountability Office suggests in two new reports.
Everyone is talking about cloud computing these days - but are they having the right conversations?
H. Peet Rapp is an information security auditor who sits on ISACA's Cloud Computing Work Group, and he's co-author of the white paper Cloud Computing: Business Benefits With Security, Governance and Assurance...
"This will not be easy nor will it take place overnight. Our current actions represent important steps towards a stronger federal cyber defense, but we must remain ever-vigilant," Federal CIO Vivek Kundra says.
The topic has been discussed for years, but now truly is the time for organizations to invest in federated identity management.
So says Tom Smedinghoff, partner at Chicago-based law firm Wildman Harrold. In an exclusive interview, Smedinghoff discusses:
What's new about federated ID management;
Why is it so difficult to provide information security for our government computer-based systems? Complexity is a major reason, but the force behind the Consensus Audit Guidelines offers ways to safeguard government IT.