The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.
The Boston Marathon tragedy is yet another reminder to organizations to develop alternative ways to communicate with employees during such emergencies. Otherwise, they could put their organizations' continuity plans at risk.
Improving regulatory compliance and security training, as well as detecting and preventing breaches, are top priorities for 2013, the Healthcare Information Security Today survey shows. Sharp HealthCare CIO Bill Spooner tells why those issues are critical.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
E-mail authentication foils phishing, but authentication is only effective if every partner in the chain adopts it. John Carlson and Andrew Kennedy of BITS explain how institutions can improve e-mail practices.
Intel has added privacy to the portfolio of its top information security executive, Malcolm Harkins, who says too many information security professionals are "color blind or tone deaf" to privacy, wrongly thinking strong data protection provides privacy safeguards.
Attacks against Facebook, Twitter and other organizations over the past few months should send a message to business owners that they need to better fund cybersecurity, IT security expert Mischel Kwon says.
The Cyber Warrior Act would establish a cyber and computer network incident response team in each state, which a governor or the president, through the defense secretary, could call up in response to cyberthreats and cyber-attacks.