The theft of 2 million credentials reminds security professionals that their organizations are at risk because many employees use the same passwords and devices for personal and business purposes, data security lawyer Ronald Raether says.
You can be outraged that the NSA collects Internet communications records of U.S. citizens. But don't be surprised, says sociologist William Staples. This is just one example of our "culture of surveillance."
Governments and others using cloud-based services should keep 10 security tips in mind, including making sure they can maintain control of their data if a service provider goes bankrupt, says Dimitra Liveri, co-author of a new report.
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?
National policies regarding cybersecurity can have a positive or negative effect on global trade efforts, says Allan Friedman, research director of the Brookings Institution's Center for Technology Innovation.
Attempts to shame China haven't been effective in stopping that country from pilfering intellectual property from the computers of American companies, according to a new report to Congress from a special commission.
In case you missed ISMG's 2013 Fraud Summit - or even if you were there and want to share insights with colleagues - I'm pleased to announce the availability of a series of session videos featuring top fraud experts.
Figuring out how Edward Snowden breached NSA computers is sort of like solving a puzzle. Take public information and match it with an understanding of how organizations get hacked, and the pieces seem to fall into place.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Google has agreed to a $17 million settlement with 37 states and the District of Columbia over its unauthorized placement of cookies on computers using Apple Safari Web browsers, which the states claim was a privacy violation.