Enterprises need to think beyond malware, breaches and insider threats when assessing information security. Keeping hardware up and running - available - is a crucial aspect of securing essential data.
A new audit and assurance program from ISACA aims to help organizations deal with the current patchwork of European cybersecurity rules and regulations, including an increased demand for greater online attack resilience.
White House Cybersecurity Coordinator Michael Daniel is under fire for perceived 'bragging' about his lack of technical expertise. But was Daniel, in fact, bragging? And is he off base in saying his job doesn't require deep technical experience?
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'
A new voluntary cybersecurity framework from the Bank of England is designed to help financial institutions in the U.K. identify vulnerable areas that could be exploited by a cyber-attack. Find out the details of the new program.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
What does "IT security as a business enabler" mean? For a definition, Gartner's Paul Proctor looks to the way IT managers at a European car maker translate security problems into a language a CEO can understand.
A group of noted cryptographers, academics and business leaders will provide an independent assessment of the way the National Institute of Standards and Technology develops cryptographic standards and guidelines.
A George Mason University research fellow says the cybersecurity framework, issued earlier this year by the National Institute of Standards and Technology, is likely to cause more problems than it solves.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?