NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
Cloud computing gives the jitters to those charged with protecting their organization's IT assets. To gauge the concerns of security professionals about cloud computing, we're fielding a global survey covering all industries. We want to know your views.
Although insider-threat incidents within organizations tend to be different case-by-case, says Carnegie Mellon University's Dawn Cappelli, there are similarities and patterns that organizations can look for when mitigating their risks. What are some of the common characteristics among insiders, and how can...
"Professionals like me now understand that we are the ambassadors for ethical behavior and should actively encourage other employees to adhere to it," says Alessandro Moretti, a senior risk and security executive.
What are the critical steps that IT security professionals should take in the aftermath of a breach? CEO Micky Tripathi of The Massachusetts eHealth Collaborative offers eight practical lessons based on his breach resolution experience.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Identifying the insider who could pose a threat to your organization's IT assets must be a team effort among non-technology, IT and information security managers, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.