"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.
The innocent use for three years of a Yahoo calendar application exposed personally identifiable information of 878 patients at the Department of Veterans Affairs' Chicago Healthcare Systems, a violation of VA policy.
"If you at all have any inclination of allowing Internet access in your company networks, you need a social media policy," says Hemu Nigam, former CSO at MySpace.
"Literally, in my entire time working in the privacy field, I've never seen such profound and aggressive activity by the government in the privacy space," privacy expert Thomas Oscherwitz says.
"I'll probably be hung for this, but I really believe the cloud can be more secure than what we do today," says CTO Tomas Soderstrom of NASA's Jet Propulsion Lab. "It's fairly uniformed, if you apply a patch, you can apply it to everything at once."
WikiLeaks founder Julian Assange has become akin to a "cyber messiah," Hemu Nigam says. And Assange's followers have proven: "If you turn your back on our messiah, we are going to take you down."
One-third of students who gave up social media for a week say they felt less stressed by not having to compulsively check updates and posts on social networks.
"Organization-wide monitoring cannot be efficiently achieved through manual processes alone or through automated processes alone; however, automation can make the process of continuous monitoring more efficient," NIST says.
By working closely with cloud computing providers, IT leaders at NASA's Jet Propulsion Laboratory feel more confident about placing sensitive, mission-critical information securely in the cloud, says JPL CTO Tomas Soderstrom.
Looking ahead to the new year, Kristin Lovejoy of IBM says information security organizations face a host of global compliance issues - and the complexity of this challenge may be the biggest task of 2011.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.