The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
Federal agencies overwhelming ignore guidance on the top 20 critical security controls, a new survey shows. Two risk management experts explain the pros and cons of adopting this guidance vs. broader NIST guidance.
President Obama defends the National Security Agency's bulk-collection initiative, but suggests he may adopt some of the recommendations presented by a panel that proposes changes in the NSA's surveillance program.
An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.
Cyberthreats increasingly target mobile devices, and simple security measures could help end-users slash these incidents by 50 percent. This is the key finding of ENISA's new Threat Landscape Report, says Louis Marinos, the prime author.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.
A federal district court judge's ruling that a National Security Agency program collecting metadata from telephone calls could be unconstitutional suggests that the law hasn't kept pace with changing technology.
A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
NSA Director Gen. Keith Alexander says the agency has taken 41 actions to prevent leaks by insiders in the wake of disclosures of classified documents about the agency's surveillance programs by former agency contractor Edward Snowden.
Call center fraud is one of the leading threats that financial institutions will battle next year because fraudsters consider the centers to be an easy target. But what can be done to mitigate this threat?
A letter from eight prominent online companies to President Obama and Congress calls for reform of government surveillance programs, outlining concerns about the way the NSA monitors online and telephone communications.