NIST is developing risk management guidance on the IT supply chain that says organizations should take an incremental approach and ensure that they first reach a base maturity level in organizational practices.
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
While organizations wait for possible cyberthreat intelligence sharing legislation, the community is proactively working to share valuable information among different industries, says MS-ISAC Chairman Will Pelgrin.
As NIST continues to develop a cybersecurity framework that mostly private operators of the nation's critical infrastructure could voluntarily adopt, what are the key gaps that still need to be filled?
Though others deemed Bruce McConnell one of the government's most innovative security thought leaders, he says his vision of how best to secure IT evolved during his just-ended 4-year tenure at DHS as a senior cybersecurity policymaker.
Organizations won't effectively share cyberthreat intelligence until they have more efficient ways of gathering and prioritizing data, says EMC's Kathleen Moriarty, author of a new report about information sharing weaknesses.
The Federal CIO Council will trim its committees from six to three to focus its efforts on IT security, portfolio management and innovation. Each committee will report to a 14-member executive committee chaired by Federal CIO Steven VanRoekel.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.
Phyllis Schneck, the next deputy undersecretary for cybersecurity at the Department of Homeland Security, comes to the job with a different set of experiences than her predecessors - and that could prove valuable.