In light of the critical shortage of information security professionals, organizations must strive to become a "center for security excellence" to successfully recruit the specialists they need, says analyst John Oltsik of Enterprise Strategy Group.
Bankers and retailers are hotly debating who should be liable for losses and expenses associated with the breach at Target. See how our readers weighed in on the issues involved.
While many organizations rely on employee training to help mitigate the risks of spear phishing, such efforts are generally ineffective, says Eric Johnson of Vanderbilt University, who explains why a technical solution might be better.
Some people say the U.S. faces a cybersecurity staffing shortage. Renowned computer science professor Eugene Spafford disagrees. He discusses what he sees as the real shortage and what we can do about it.
The National Institute of Standards and Technology this spring will unveil updated guidance on role-based cybersecurity training, which will help government agencies as well as private businesses to protect information.
Retail data breaches are growing. ISight Partners' Tiffany Jones, a researcher who helped the Department of Homeland Security prepare its report about malware attacks, offers new insight into the latest cyber-attacks.
Technology is the biggest challenge to ethics and compliance in organizations today, says Deloitte's Keith Darcy. "We have the capacity to do things before we ever consider the ethical consequences ..."
From new malware to the Target breach, cyber-attacks reached an all-time high in 2013, says Cisco's Annual Security Report. Cyberthreat expert Levi Gundert tells how organizations can regain the advantage in 2014.
Target Corp. is providing $5 million to help fund an effort to educate consumers about the risks of cybercrime. Meanwhile, a group of House Democrats had called for a hearing about the retailer's breach, while two senators have demanded details.
While news of the NSA's data collection caught many off guard, it's just another example of the U.S. culture of surveillance, says sociologist William Staples, author of the book "Everyday Surveillance."
Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
2014 may well be the "Year of Security," and IT security pros must prepare now for new job demands. ISACA's Robert Stroud offers five New Year's resolutions to help prepare for 2014's security trends.
Many business leaders lack a clear understanding of the value of identity and access management. CISO Christopher Paidhrin offers a scenario for how to make the case for an IAM investment.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
Most fraud on the Internet is linked to unsecured identities, which is why a new global identification framework is needed, says Paul Simmonds, who heads a coalition working on a framework model.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.