A successful effort to build a corporate culture that values privacy should be built on ideas that come from the rank-and-file staff in all departments, says Jan Hillier, a specialist in managing change.
IT security practitioners realize much value from the monthly cybersecurity index created a year ago by Mukul Pareek and Dan Geer. Why? They benefit from knowing how others see the evolving threat environment.
Many organizations aren't devoting enough resources to ensure that applications for mobile devices are secure, says security expert Jeff Williams. He offers five tips for adequately addressing mobile application security.
The Industry Consortium for Advancement of Security on the Internet has introduced an enhanced version of its free security vulnerability reporting framework designed to ease the sharing of breach information.
For years, David Matthews, Deputy CISO of the City of Seattle, has been immersed in securing electronically stored information. Now he's written the book on the topic. What are the key themes addressed?
"You need to educate people, and you need to have the right control procedures in place to ensure that people are aware of insider fraud," says Larry Ponemon, offering tips to reduce insider risks.
In an interview about the insider threat, Ponemon discusses:
Key findings from this new research;
What needs to be...