Enterprises should test the processes they establish to respond to advanced persistent threat attacks, just as they vet their business continuity plans, ISACA International President Robert Stroud says.
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
Three Chinese nationals seeking to make "big bucks" broke into the computers of Boeing and other military contractors, stealing secrets on transport aircraft, a U.S. criminal complaint says. Read how they allegedly did it.
The Department of Homeland Security confirms that "a potential intrusion" of the Office of Personnel Management's network occurred in March but says officials have not identified any loss of personally identifiable information.
Julie Conroy once was a financial services practitioner who subscribed to Aite Group's research. Today she is one of Aite's top fraud researchers. What was her career path, and what tips can she share?
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
Bob Russo, long-time general manager of the PCI Council, will retire at the end of the year. Stephen Orfei, his replacement, will take the helm in September. Security experts analyze the potential impact of the change.
Leading this week's industry news roundup, Easy Solutions partners with Q2 to provide virtual banking solutions, while Lockheed Martin releases a new version of the Industrial Defender Automation Systems Manager.
Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game:
What Matters Now.