New focus for anti-fraud pros: Cloud computing providers whose employees may steal or harm customer data they host. Experts from Carnegie Mellon University's CERT Insider Threat Center offer prevention tips.
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.
NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?
It isn't a staffing shortage that we face, but rather a skills crisis, says Allan Boardman, international vice president of ISACA. How can organizations build the security skills they need to mitigate evolving risks?
Should IT security practitioners be deemed professionals like those in medicine and law? That's not an easy question to answer, says Ronald Sanders, former human capital officer at the U.S. Office of the Director of National Intelligence.
The European parliament recently voted to extend and strengthen the European Network and Information Security Agency. What does this news mean for Europe's top cybersecurity agency and for the state of emerging threats across Europe?
The hunt for a Boston Marathon bombing suspect that locked down the city caused massive disruption to business operations, but enterprises that had business continuity plans in place hardly missed a beat.
The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.