In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters claims that its second phase of distributed-denial-of-service attacks has affected nine banks since Dec. 11, and it warns more attacks are on the way.
An evolving concept known as "intelligent security" involves using a combination of technologies to detect threats, helping security professionals become more proactive. Learn how pioneers are using the new approach.
Before embarking on the tragic Newtown, Conn. shootings, Adam Lanza reportedly destroyed his computer. But is the machine's data also destroyed? Forensics expert Rob Lee discusses how "lost" data is retrieved.
IBM's Dan Hauenstein, in analyzing Big Blue's 2012 Tech Trends Report, says security concerns often inhibit the adoption of four technologies: mobile, cloud, social business media and business analytics.
Sometimes HIPAA training alone is just not enough to drill into peoples' heads why and how patient information needs to be protected. So, how are organizations getting medical staff to do the right thing?
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
The National Institute of Standards and Technology has issued new guidance titled "Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping," the sixth part of a series of recommendations regarding the modes of operation of block cipher.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
While some healthcare organizations are quickly rolling out privacy and security policies for employee-owned mobile devices, others are moving slowly. What BYOD tips do healthcare security leaders offer?
CISOs' top three priorities for 2013 are emerging threats, technology trends and filling security gaps, says RSA CISO Eddie Schwartz. But what new strategies should leaders employ to tackle these challenges?