While user education is valuable, needed and helpful, there is one problem with this approach - it only partially works, and partially working is simply not good enough, security expert George Tubin contends.
Improving collaboration among employees is the goal of Yahoo CEO Marissa Mayer's decision to ban telecommuting, but her edict means better information security as well, writes veteran CISO Patricia Titus.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
While adoption of cybersecurity defenses will serve to protect personal data, privacy lawyer Harriet Pearson says some of the defense techniques may require the monitoring or collection of personal information.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Smaller nation-states have been upping the ante of cyber-attacks for years, and now one has shown us exactly the kind of cyberdestruction that extremist elements are willing and able to conduct, former-U.S. National Intelligence Director Mike McConnell writes.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
When you and I say 'cloud,' we may think of two very different things, ISACA leader Peter Spier writes. Partly this stems from a lack of common definition on the term. Read on to see how such confusion can be overcome.