Domain name systems are among the least known - but most important - security vulnerabilities for organizations in all sectors. But government agencies in particular need to be concerned about DNS security to protect their e-government initiatives.
In an exclusive interview on DNS security, Mark Beckett of Secure64...
U.S. government agencies are eager to gain the service and cost efficiencies of cloud computing, but the Government Information Security Today survey finds they have serious reservations about information security in the cloud.
"Raising the security awareness of your workforce is your best defense against having a breach incident," says David Holtzman, who's on the federal team that enforces the HITECH Act breach notification rule.
Michaels Stores Inc. says POS PIN pads at nearly 90 stores in 20 states were tampered with, exposing debit and credit cardholders to fraud. Now the chain says it is replacing PIN pads at the majority of its 964 U.S. stores.
The legislative blueprint for comprehensive cybersecurity legislation would strike a critical balance between strengthening security, preserving privacy and civil liberties protection and fostering continued economic growth, an official says.
Five Democratic senators point to inconsistencies in corporate Security and Exchange Commission reporting, investor confusion and the national importance of addressing cybersecurity for the need of new guidance.
Plan would nationalize breach notification law, set penalties for cybercrimes and protect businesses from lawsuits that share cybersecurity information with DHS as well as promote the use of cloud computing.
"Our ability to provide immediate response to vulnerabilities and threats ... is quickly establishing VA as a model of excellence for the rest of the federal government."
VA CIO Roger Baker says in testimony before a House panel.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
"No one up here wants to stop Apple or Google from doing the incredible things that you do," Sen. Al Franken says. "What today is about is trying to find a balance between all of those wonderful benefits and the public's right to privacy."
ThreatMetrix's Taussig says device identification must be part of layered security measures. Banking regulators want financial institutions to deploy multiple layers of online security. But what does that expectation mean when it comes to investments in fraud detection?