National Security Agency Director Keith Alexander declined to say that the agency would stop using contractors in top secret IT positions to prevent a leak such as the one that exposed NSA programs to collect metadata on American citizens.
An organization's security is only as strong as that of its partners, says Mandiant Director Charles Carmakal, who offers insight on common attack trends emerging from recent data breach investigations.
A year after LinkedIn confirmed its network had been breached, reportedly exposing 6.5 million hashed passwords, the social media company is offering users the option of adopting two-factor authentication.
Breaking into the IT security field - a male-dominated profession - is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she had to overcome and offers strategies for women to grow in their careers.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."
Ronald Sanders says it isn't easy to answer the question of whether the information security field should be professionalized. The former human capital officer at the Office of the Director of National Intelligence explains why.
Getting buy-in for information security spending from those who hold the purse strings can be tricky unless risks are properly assessed and articulated. See how some healthcare security leaders tackle the budget challenge.