While news of the NSA's data collection caught many off guard, it's just another example of the U.S. culture of surveillance, says sociologist William Staples, author of the book "Everyday Surveillance."
Georgia Tech researchers are working on a way to profile devices along the supply chain to identify whether they've been compromised, says Paul Royal, associate director of the Georgia Tech Information Security Center.
Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
As a result of high-profile breaches, such as the Target incident, security is increasingly a board issue. What are the key topics security leaders should prepare to discuss in 2014? Alan Brill of Kroll offers his forecast.
To help reduce reliance on passwords, the FIDO Alliance is developing standard technical specifications for advanced authentication. Michael Barrett and Daniel Almenara of FIDO describe the impact the effort could have in 2014.
Leon Rodriguez, director of the HHS Office for Civil Rights, could leave the HIPAA enforcement agency to become the director of U.S. Citizenship and Immigration Services if his presidential nomination is formalized and he wins Senate approval.
Breach detection provider FireEye has acquired incident response and remediation services company Mandiant , forming a formidable company that can provide soup-to-nuts products and services to detect, mitigate and respond to breaches.