"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
Challenged by sophisticated threats and the complexity and cost of security, global leaders wonder: "Is my organization going to be the next breach headline?" IBM's Latha Maripuri discusses global trends.
"People appreciate being contacted when particular transactions look risky," says Peter Tapling, President and CEO of Authentify. "Out-of-band authentication provides the opportunity to do that in real-time, at very low cost to the institutions."
No one - not even a security vendor - is immune to cyber attacks. "It's not a question of if or when companies will face an attack, but how they're going to defend against it," says Symantec's Francis deSouza.
Mobile security is a new discussion track at RSA Conference, but it's long been a hot topic for CISOs. Entrust's Dave Rockvam discusses BYOD and how organizations are securing personally-owned devices.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.