"If you're not doing the right things on managing vulnerabilities, it doesn't really matter what other kinds of sophisticated things you do - that's the baseline for security," says BeyondTrust's Marc Maiffret.
A George Mason University research fellow says the cybersecurity framework, issued earlier this year by the National Institute of Standards and Technology, is likely to cause more problems than it solves.
Verizon's latest annual breach report shows that Web application attacks increased more than malware-fueled point-of-sale intrusions in 2013, says analyst Dave Ostertag, who provides an overview of the report's findings.
Dennis Simmons, retiring CEO of SWACHA, says new career paths are being forged for IT professionals as well as legal experts who have a good understanding of cybersecurity and cross-channel fraud in the world of e-commerce.
Not only has the CISO role evolved into information risk management, but it also has gained greater visibility to senior leaders. Parag Deodhar of Bharti AXA Gen. Insurance discusses the new expectations.
Microsoft's Pierre Noel focuses on helping Asian nations build their cybersecurity infrastructures and policy frameworks - often from the ground up. How does he approach this mission, and what lessons can he share?
Malcolm Harkins has a unique role. He oversees both security and privacy for global technology vendor Intel. What tips does he offer individuals who seek to build careers in either discipline - or both?
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
To boost cybersecurity, senior leaders - whether a CEO, a board member or a government agency director - need to think of information as a critical asset worthy of protection, risk management experts Val Rahmani and Malcolm Harkins say.