NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."
As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention from fraud professionals, says the council's Jeremy King.
Homeland Security's inspector general office sees significant improvements in cyberthreat information sharing between the government and the private sector. But the IG says more must be done. Here's why.
Providers of technologies employees acquire through unconventional channels that could bypass their employers' supply-chain controls are known as "shadow suppliers." Here's why you should care about them.
How can organizations use big data to forecast cyber-attacks and support forensics investigations? Michael Fowkes and Aaron Caldiero of Zions Bank provide insight.
Getting buy-in for information security spending from those who hold the purse strings can be tricky unless risks are properly assessed and articulated. See how some healthcare security leaders tackle the budget challenge.
New focus for anti-fraud pros: Cloud computing providers whose employees may steal or harm customer data they host. Experts from Carnegie Mellon University's CERT Insider Threat Center offer prevention tips.
Insider threat case study: Dawn Cappelli tells how three individuals quit their jobs at a law firm, then used a free cloud service to sabotage files containing proprietary client information from their ex-employer.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
The skills/staffing shortage was top of mind among thought-leaders at the recent Infosecurity Europe event. But what will it take to attract the new faces and skills we need to grow the profession?
Distributed-denial-of-service attacks against banks are popping up in parts of Europe. So what can we expect next in this ongoing wave of cyber-attacks? And will the major London banks be targeted?
A 143-point drop in the Dow Jones Industrial Average proves the power of social media and the havoc it can cause when an account gets hacked. It's time for social media companies to tighten the authentication process.
The UK government pledges at Infosecurity Europe to help businesses improve cybersecurity. But it's going to take more than vouchers and training to address Europe's top threats to security and privacy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.
