For the fourth consecutive year, Information Security Media Group will be a Platinum Media Sponsor of the RSA Conference. And for the fifth straight year, ISMG editors will host staged sessions at the event.
Security leaders have a firm grasp on their technology controls and processes as they continue into 2013. It's addressing the vulnerabilities in people that remains the outstanding challenge of the year.
National Institute of Standards and Technology's Jeremy Grant says the government will fund pilot projects to accelerate progress toward the creation of improved, interoperable systems for secure, privacy-enhancing trusted online credentials.
The new measure would require banks, healthcare providers, social media companies, search engines and other e-commerce entities operating in Europe - even those based elsewhere - to report breaches to national authorities.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
Although suggestions in a new Federal Trade Commission staff report do not have the force of law, they do provide guidance on how the agency could enforce American federal laws and regulations to protect the privacy of users of smart phones and tablets.
"This is our life for the future," DHS's Mark Weatherford says. "Bad guys are figuring out that they can create this kind of havoc at almost [no] cost for themselves. It is more than just a distraction; it is now the way we operate."
Throughout 2013, security professionals will continue to face evolving mobile security challenges, says Javelin's Al Pascual, who, in a new report, analyzes the changing mobile threat landscape for the year.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.