CISOs shouldn't be tied too closely to specific guidance and processes when new threats emerge or their organization has suffered a breach, says RSA CISO Eddie Schwartz.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
Two Romanians pleaded guilty to breaching point-of-sale systems at Subway and other U.S. retailers. Experts say the breach exposes common security vulnerabilities that remain a concern.
If Congress banned the sale of computer wares from Chinese companies to prevent backdoor spying, components made in China would still make it to American shores through products sold by other vendors. Virtually all of them contain Chinese-made parts.
The Government Accountability Office justifies the need for further action, noting that malware variants aimed at mobile devices have risen to 40,000 from 14,000 in less than a year.
Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.
The Food and Drug Administration has proposed several ways to improve post-market medical device surveillance for adverse events and safety issues, including malware-related incidents. Find out the details of a new report.
September is the peak of the Atlantic hurricane season. How should organizations in the potential path of these storms assess preparedness? Alan Berman of the Disaster Recovery Institute advises.
As a result of the recent Apple-Samsung verdict, CISOs at organizations need to be mindful of where their software is being sourced from, says patent attorney Jim Denaro.
The iPhone 5 is coming, and so are a slew of new or upgraded smart phones and tablets. How should security leaders prepare for this new wave of mobility? Malcolm Harkins, CISO of Intel, offers advice.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
Developing secure mobile applications is just one part of the process in creating new programs. Communicating how applications are secured is crucial in building IT security awareness among stakeholders.
A federal agency is offering a free online training program that provides useful insights on protecting information privacy. Learn how this clever training "game" works.
A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day that the company determined its computers were not breached.
An individual claiming to be part of Anonymous, the hacktivist group that has targeted big business and government, seems to have taken aim at small businesses by claiming to have disrupted website host GoDaddy.com.