Addressing cyber-attacks is not just a technology issue. It requires a holistic view from the entire organization, says ISACA's Jeff Spivey, who emphasizes the need for a framework approach to security.
Aimed to be voluntarily adopted by the nation's critical infrastructure operators, the cybersecurity framework will revolve around a core structure that includes five major cybersecurity functions: Know, Prevent, Detect, Respond and Recover.
The European parliament recently voted to extend and strengthen ENISA. With this, the agency is expected to play a key role in top cybersecurity initiatives across the EU, says the agency's Steve Purser.
Facebook acknowledges it exposed 6 million members' phone numbers and e-mail addresses to unauthorized viewers, the latest example of IT security incidents creating mistrust of corporations and governments.
In defending against distributed-denial-of-service attacks, enterprises must comprehend the motives of the cyber-assailant, Booz Allen Hamilton's Sedar Labarre says. He outlines how organizations should assess their risks.
To prevent leaks, the National Security Agency is considering a number of measures, including reducing the number of systems administrators it employs, Director Keith Alexander tells a House committee.