When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.
Don't be too fast to blame Research In Motion for the disruption in BlackBerry service if your organization suffered from the lack of e-mail exchanges. It could be partly your fault, too, says noted infosec lawyer Francoise Gilbert.
"Given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks," says CISO Phillip Reitinger.
"I think the New York Stock Exchange was probably prepared for this sort of thing anyway," says security researcher Wendy Nather. "One threat, more or less, is not going to make a difference in the security measures they have in place."
The growing IT security profession - which shows virtually no unemployment, according to government data - remains the domain of white and Asian men with a scarcity of women, African Americans and Latinos.
The Department of Homeland Security is undertaking nine private and three public cloud computing initiatives, establishing private cloud services to manage sensitive but unclassified information while using the public cloud for non-sensitive data.
These arrests also highlight the U.S. vulnerability to crimes involving payment cards with magnetic stripes. "The U.S. is a criminal's playground right now," says John Buzzard of FICO Card Alert Service.
A children's health system is offering free credit monitoring to 1.6 million after the loss of backup tapes. It's the second major breach incident revealed in recent weeks involving lost or stolen backup tapes.