Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
As seen on YouTube, South Carolina Gov. Nikki Haley, more than any other chief executive, in or out of government, is out front leading the response to a breach of its tax system. It's been an education for the governor as well as South Carolinians.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Incorporating new concepts such as security-control overlays and placing a renewed emphasis on information assurance, the forthcoming guidance is 'a total rewrite' from the 2009 version, NIST's Ron Ross says.
Imagine sitting in a bar, as a stranger snaps a photo of you, and then uses that image to find out who you are using facial recognition technology. It's the type of practice that the staff of the U.S. Federal Trade Commission wants to discourage.