Intel has added privacy to the portfolio of its top information security executive, Malcolm Harkins, who says too many information security professionals are "color blind or tone deaf" to privacy, wrongly thinking strong data protection provides privacy safeguards.
Attacks against Facebook, Twitter and other organizations over the past few months should send a message to business owners that they need to better fund cybersecurity, IT security expert Mischel Kwon says.
John Stewart, chief security officer at network provider Cisco, says too many organizations develop IT security policies that are more complex than they need to be.
U.S. banks have been hit by a new wave of distributed-denial-of-service attacks, and experts say the botnet behind the attacks is getting stronger. Learn about the latest developments.
The PATCO fraud case shows why banking institutions cannot rely on compliance to ensure security. In an RSA 2013 preview, attorney Joseph Burton discusses legal lessons from the PATCO settlement.
Our RSA panel features the NIST thought-leader responsible for its information risk publications along with top IT security practitioners who take NIST guidance and make it work. See how they do it.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
While unveiling a new online resource offering mobile device privacy and security tips to help prevent health data breaches, HHS officials also stress the need for annual risk assessments.
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Incorporating new concepts such as security-control overlays and placing a renewed emphasis on information assurance, the forthcoming guidance is 'a total rewrite' from the 2009 version, NIST's Ron Ross says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.