Texas spent $1.2 million to notify individuals - as many as 3.5 million - whose personal information were exposed, $393,000 to established a call center and $290,000 to retain two IT consultants to examine the agency's IT security policies and procedures.
North American Clearinghouse Association, not the government, led the effort to move Food Stamps to e-payments. That's what the government wants to do with the National Strategy for Trusted Identities in Cyberspace initiative, the fed's NSTIC point man says.
"Without improvements, the weaknesses identified may limit program and site-level officials' ability to make informed risk-based decisions that support the protection of classified information and the systems on which it resides," says Rickey R. Hass, deputy inspector general for audits and inspections.
Attackers could leverage vulnerabilities to gain control of air traffic control systems, with intruders using unprotected computers to compromise other systems that depend on the same network, a Transportation Department audit reveals.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
About the same percentage of respondents cite China as a major source of concern for cyberattack as they did a year ago, a McAfee study reveals. What changed? Concern about the U.S. has declined, says study author Stewart Baker.
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
Physicians who use social media to discuss their work, even without naming patients, risk privacy violations, a recent case in Rhode Island clearly illustrates. The case is an eye-opener for all clinicians about social networking risks.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.