Creating circles of trust - networks of IT security professionals who rely on one another - is a key element in forthcoming National Institute of Standards and Technology guidance on incident response.
NIST is developing risk management guidance on the IT supply chain that says organizations should take an incremental approach and ensure that they first reach a base maturity level in organizational practices.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
Three U.S. banks have been targeted by new DDoS attacks that apparently had little impact. As bank defenses improve, some experts say the attackers may shift targets to other industries affecting critical infrastructure.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."
As cyber patent lawsuits become more common in regulated industries, organizations should take steps to protect their patents and fight infringement claims, says attorney James Denaro, who offers insight.
Microsoft touts new security features built into the Windows 8.1 Enterprise operating system. But are they enticing enough to win over organizations that are reluctant to upgrade from older OS versions?
The panel would review the latest intelligence and communications technologies to determine the risk of unauthorized disclosure to national security and foreign policy, as well as assess the need to maintain the public trust.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.