A lack of broad awareness of the opportunities in information security may be one of the biggest bottlenecks to capacity-building, says Dr. Ron Hale, ISACA's Chief Knowledge Officer, in this exclusive interview.
More cybersecurity specialists are making the leap from long-time careers in law enforcement, the military and the government to the private sector, says Dale Meyerrose, a retired U.S. Air Force Major General, who explains why.
Attorneys general in nine states say card issuers should move to chip-and-PIN, rather than chip-and-signature, as they roll out EMV. But are other issues, such as wider use of encryption and tokenization, more worthy of attention?
Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Dell is moving to patch a customer-support application preinstalled on many laptops and PCs after security researchers found that it installs a root certificate that could be abused by attackers to intercept private data.
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
Key stakeholders representing international legal and security experts discuss strategies and frameworks to establish a cybersecure ecosystem and jurisprudence against growing threats and attacks. What is needed for them to succeed?
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
CERC's head Ponnurangam Kumaraguru (PK) says industry bodies and the government should take the onus of evolving a blueprint to build the capacity of info security professionals with a well laid-out incentive program to attract new entrants.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
Discussions I recently moderated around mobile security indicate that Indian practitioners have significant doubts about the effectiveness and applicability of mobile security solutions such as MDM and others.
Among the top challenges to security leaders is turning a deluge of information into threat intelligence. To make that conversion, companies must identify and remediate the potential threats in their environments, says Ajay Nigam of BrightPoint Security.