In case you missed ISMG's 2013 Fraud Summit - or even if you were there and want to share insights with colleagues - I'm pleased to announce the availability of a series of session videos featuring top fraud experts.
Figuring out how Edward Snowden breached NSA computers is sort of like solving a puzzle. Take public information and match it with an understanding of how organizations get hacked, and the pieces seem to fall into place.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Google has agreed to a $17 million settlement with 37 states and the District of Columbia over its unauthorized placement of cookies on computers using Apple Safari Web browsers, which the states claim was a privacy violation.
Computer scientists at the Georgia Institute of Technology are developing new ways to apply encryption when storing or searching data in the cloud, says Paul Royal, associate director of the university's information security center.
Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The National Institute of Standards and Technology continues to collaborate with the National Security Agency on its IT security guidance even as it investigates whether the spy agency meddled with one of its special publications.
NIST is revising its 3-year-old smart-grid guidance to address technological and policy changes that have made the power grid more susceptible to vulnerabilities and threatened utility customers' privacy.