If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.
A new study shows the accuracy of facial recognition algorithms has markedly improved over the past three years, though one of the report's authors suggests they're not at the level to be a highly reliable form of authentication.
Identity fraud is one of consumers' most feared crimes, and at banks those schemes translate into application fraud. FICO's Adam Davies discusses today's common application fraud scams and how to stop them.
Kentucky is now the 47th state to enact a breach notification law. While a national law superseding the widely varying state statutes is long overdue, the primary election defeat of House Majority Leader Eric Cantor makes passing such a bill tougher.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
Breaking down silos should help organizations mitigate vulnerabilities introduced into their systems from the information and communications technology supply chain, says the co-author of new guidance from NIST.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
During a video interview with Information Security Media Group, FireEye's SVP and COO, Kevin Mandia, details the three stages of advanced threats; attractive nuisances, criminal activity, and nation-state activities.
During a video interview with Information Security Media Group, FireEye's David DeWalt, CEO, and Kevin Mandia, SVP and COO, discuss the new security model, and how to effectively prevent against cyber-threats.
The British government aims to increase uptake of five essential security controls at U.K. businesses, backed by third-party annual audits and a badge of compliance. Many government contractors must comply.