U.S. banks are improving efforts to thwart distributed-denial-of-service attacks. But they're struggling to find the balance between informing customers and giving attackers too much publicity.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
Hacktivist attacks against U.S. and Israeli sites illustrate a clear message. If you have unprotected web applications, you will suffer the consequences, says cybersecurity expert Amichai Shulman.
The increase since 2006 in the number of IT security terms found in a new NIST glossary shows the importance of information security in the way we conduct business today.
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.
The complexity of the smart grid introduces a cybersecurity challenge that isn't easy to overcome. ENISA's Konstantinos Moulinos outlines the steps needed to improve smart grid security.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
A report released by Gov. Nikki Haley says the hacker obtained the password when an employee of the Department of Revenue opened an e-mail containing malicious computer code.
NIST issues its interagency report on supply chain practices as a congressional panel cautions against using Chinese-made components that some lawmakers fear might have been altered to spy on Western governments and businesses.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
President Obama has signed a classified presidential directive that reportedly enables the military to act more aggressively to frustrate cyberattacks on government and private computer networks.
Incorporating new concepts such as security-control overlays and placing a renewed emphasis on information assurance, the forthcoming guidance is 'a total rewrite' from the 2009 version, NIST's Ron Ross says.
The kind of detailed data analysis that helped statistician Nate Silver predict accurately the outcome of the U.S. presidential election could help enterprises using cloud-based SIEM to identify vulnerabilities, says Cloud Security Alliance's Jens Laundrup.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
