NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
The Boston Marathon tragedy is yet another reminder to organizations to develop alternative ways to communicate with employees during such emergencies. Otherwise, they could put their organizations' continuity plans at risk.
A U.S. Defense Department pilot program could be adapted by the federal government to share classified and nonclassified cyberthreat information with civilian critical infrastructure operators.
A rider covertly added to the law to fund the government through September requires select agencies to assess technology purchases for cyber-espionage and sabotage, a process that could make it harder to buy wares to secure IT.
The Army inspector general took to task the Army chief information officer, Lt. Gen. Susan Lawrence, for not assuring that thousands of commercially acquired smart phones and tablets were properly secured.
Extortionists employing telephony-denial-of-service attacks - a close relative to distributed-denial-of-service attacks - are targeting emergency communications centers that dispatch first responders.
Intel has added privacy to the portfolio of its top information security executive, Malcolm Harkins, who says too many information security professionals are "color blind or tone deaf" to privacy, wrongly thinking strong data protection provides privacy safeguards.
Attacks against Facebook, Twitter and other organizations over the past few months should send a message to business owners that they need to better fund cybersecurity, IT security expert Mischel Kwon says.
By moving to a cloud-computing strategy, the city of Chicago is seeking to reduce the complexity of its IT systems and improve its information security posture, says Chief Security Officer Arlan McMillan.
The main takeaway from a House hearing this past week was that the biggest information security problem most small business operators face is that they're unaware they have an IT security problem.
The attackers' so-called Brobot, which on March 12 struck six banks, is growing, experts say. Yet only a fraction of the botnet's capabilities has been used. What else do the latest attacks reveal?
Conventional wisdom suggests China isn't interested in disabling industrial control systems in the U.S. After all, such an act would be against its own economic interest. But is that type of thinking right?
Congressional auditors contend the Internal Revenue Service has failed to implement effectively parts of its IT security program, which could adversely affect the confidentiality, integrity and availability of sensitive taxpayer information.
A software vulnerability brought down the website that gives the public access to the National Vulnerability Database, which is run by the National Institute of Standards and Technology, the U.S. federal agency that produces information security guidance.
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.