"Getting that top level support is the first step to making everything else happen," says Ron Ross, senior fellow at the National Institute of Standards and Technology.
Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.
Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.
One important reason why encryption is not more broadly used in healthcare is that many organizations lack an updated risk assessment, says attorney Amy Leopard.
Customer awareness is important, especially as a fraud detection/prevention tool. Read how one sharp-eyed UPS driver recently helped foil an ATM skimming scam at a bank in New York.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Organizations are urged to adopt six principles to avoid the perils of transferring IT decision making away from technology specialists to business unit leaders.
Apple's introduction of its third iteration of the iPad e-tablet, coupled with the growing popularity of cloud computing, could lead to new methods of enterprise computing and IT security, Delaware Chief Security Officer Elayne Starkey says.
Jet Propulsion Laboratory IT Chief Technology Officer Tom Soderstrom is showing that a deliberate, methodical approach can lead to effective and secure cloud computing.
Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.
Not all hackers are the same, and that presents problems in defending against them. Understanding each type of hacker can help organizations better prepare for digital assaults.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.