2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
One key reason why encryption isn't more widely used in healthcare is that some information technology specialists have outdated perceptions about the technology, contends security expert Melodi Mosely Gates.
With the extension of ENISA's mandate into 2013 by the European Parliament & Council, the agency can continue to educate and collaborate with other nations on cybersecurity issues, an area of constant importance.
The team at the European Network and Information Security Agency identified 50 security threats that exist within the new web standards and sent recommendations for how they should be addressed to W3C.
The threat landscape has evolved, and India's banking institutions must grow their information security strategies, says Anand Naik of Symantec, which just released a report that offers a new security agenda to institutions.
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
Bank of America, a pioneer in mobile banking, says mobile is hot, but it also opens financial institutions to unknown risks. What proactive steps should banks and credit unions take to ensure they're ready?
Phishing schemes, like the one claiming to be from the Better Business Bureau, target consumers who have concerns about troubled accounts or account breaches. And social engineering is used more often to acquire financial and personal information.
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?