The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
As seen on YouTube, South Carolina Gov. Nikki Haley, more than any other chief executive, in or out of government, is out front leading the response to a breach of its tax system. It's been an education for the governor as well as South Carolinians.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Social media platforms are ever-evolving. But organizations' and individuals' use of social media has not evolved and may create new risks, says educator Sherrie Madia. How should we manage these risks?