"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
If Congress banned the sale of computer wares from Chinese companies to prevent backdoor spying, components made in China would still make it to American shores through products sold by other vendors. Virtually all of them contain Chinese-made parts.
The Food and Drug Administration has proposed several ways to improve post-market medical device surveillance for adverse events and safety issues, including malware-related incidents. Find out the details of a new report.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
Developing secure mobile applications is just one part of the process in creating new programs. Communicating how applications are secured is crucial in building IT security awareness among stakeholders.
A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day the company determined its computers were not breached.
An individual claiming to be part of Anonymous, the hacktivist group that has targeted big business and government, seems to have taken aim at small businesses by claiming to have disrupted website host GoDaddy.com.
Organizations must carefully consider patch management in the context of overall IT security because it's so important to achieving sound security. Read about NIST's recommendations on how best to implement patch management.