In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.
Former CIA lawyer and senior congressional staffer Suzanne Spaulding will assume the Federal Protective Service, Infrastructure Protection, Risk Management and U.S.-Visit portfolios. Current Acting Deputy Undersecretary Greg Schaffer will oversee cybersecurity.
Federal authorities deserve credit for adding privacy and security details to the final version of the Federal Health IT Strategic Plan, several observers say. But some still believe the document doesn't go far enough in spelling out specific action steps and priorities.
Information security poses a major challenge to the widespread adoption of cloud computing, yet the Cloud Security Alliance, an association of cloud stakeholders, sees the cloud as a provider of information security services.
As smartphone usage grows, so do emerging threats of mobile malware. When it comes to mobile banking security, financial institutions can only do so much. Security solutions will have to come from mobile vendors, says ENISA's Giles Hogben.
Want to reduce ATM skimming incidents? Heed the advice of Seattle-area banking institutions and law enforcement officials, who have gleaned a half-dozen clues from that region's recent fraud investigations.
Requiring even limited use of metadata tags for stage two of the HITECH Act's electronic health record incentive program is premature and inappropriate, three associations have told federal authorities.