A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
A variation of hack-back - in which a victim of a cyber-attack assaults the assailant's computer or network - could be used to mitigate the theft of intellectual property, according to the Commission on the Theft of American Intellectual Property.
Facing advanced cyber-attacks, organizations must shift their focus to detection and mitigation, says ISACA's Jeff Spivey, who outlines four capabilities necessary for effective response.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
A distributed-denial-of-service attack in Europe highlights the need for Internet service providers to implement security best practices to prevent future incidents and protect their users, ENISA's Thomas Haeberlen says.
Gary Warner, a computer forensics researcher at the University of Alabama at Birmingham, says malware aimed at POS systems isn't likely to affect ATMs. But others say the threat to ATMs is viable.
Maintaining accurate logs of systems' activities is crucial in helping catch insiders who threaten an organization's digital assets, says George Silowash, co-author of the Common Sense Guide to Mitigating Insider Threats.
"Organizations have to be able to develop their security plans that really talk to their specific mission," National Institute of Standards and Technology's Ron Ross says. "The overlay concept is introduced to allow that specialization."
Providers of technologies employees acquire through unconventional channels that could bypass their employers' supply-chain controls are known as "shadow suppliers." Here's why you should care about them.
In the aftermath of an international $45 million cyberheist and ATM cash-out scheme, experts say pinpointing the source of such a massive breach can be difficult. Why?
How can organizations use big data to forecast cyber-attacks and support forensics investigations? Michael Fowkes and Aaron Caldiero of Zions Bank provide insight.
What's it going to take to attract individuals to cybersecurity and develop the needed skills to tackle the profession's future needs? ISACA's Allan Boardman offers his insights on growing the field.
Ronald Sanders says it isn't easy to answer the question of whether the information security field should be professionalized. The former human capital officer at the Office of the Director of National Intelligence explains why.
Malware attacks against retailers are becoming more common. Many breaches linked to these attacks could be prevented, experts say, if merchants took more steps to lock down networks and point-of-sale devices.
From a risk-management perspective, Bloomberg didn't consider its reputation when it allowed its reporters to track the log activity of Bloomberg Terminal customers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.