A U.S. Defense Department pilot program could be adapted by the federal government to share classified and nonclassified cyberthreat information with civilian critical infrastructure operators.
What can organizations do to improve security after a network attack? Post-breach investigations help security leaders trace steps and strengthen weak points, says investigator Erin Nealy Cox.
The call for an overarching federal cybersecurity strategy comes in the wake of findings from U.S.-CERT that federal agencies reported a nearly eight-fold increase in cyber-incidents over seven years.
Britain has an IT skills gap problem, not unlike its American cousin's, as well as nearly every other nationality. Besides technical experts, society needs psychologists, law enforcers, strategists, risk managers, lawyers and accountants with cyber know-how.
Revision 3 of the National Institute of Standards and Technology's Interagency Report 7511 defines the requirements and associated test procedures necessary for products to achieve one or more Security Content Automation Protocol validations.
Three recent identity theft incidents highlight the need for healthcare organizations to stay vigilant in preventing fraud involving insiders. Security experts offer advice.
A breach at a Texas credit union shows how fraudsters target financial institution employees to gain access to sensitive information. Why are institutions proving to be soft spots for compromise?
As banking institutions await a new wave of DDoS attacks, one security vendor says it foresaw one rare -but effective - element of these attacks as far back as 2006. What can banks expect to see next?
Managers and internal auditors don't necessarily see eye-to-eye when it comes to the results of an IT audit. PricewaterhouseCoopers' Carolyn Holcomb explains the challenges and solutions.
The Government Accountability Office justifies the need for further action, noting that malware variants aimed at mobile devices have risen to 40,000 from 14,000 in less than a year.
By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.
What exactly is continuous monitoring - and why is it so hard for organizations to get it right?
It is one of the most discussed and least understood concepts in enterprise risk management today. Fundamentally, continuous monitoring is about deploying systems to examine all of the transactions and data processed...
In healthcare, financial services and other sectors, information breaches are an epidemic. More than 400 major healthcare breaches have been reported since late 2009. And headline-grabbing breaches in the financial services sector, such as the Sony and Global Payments incidents, illustrate why preventing breaches -...
As we close out one year and begin another, we look back at IT security lessons that emerged over the past 12 months. Here are five that should resonate in the coming year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.