Because winning the support of CEOs for any new project requires demonstrating a return on investment, information security professionals need to more precisely quantify the potential payoff of their suggested spending on technologies and training, according to a new report.
Cybersecurity Act sponsors intensify their campaign to enact the legislation that would change the way the government protects critical federal and private-sector IT networks as a group of key Republican senators offers an alternative bill.
A total of 11 class action lawsuits have now been filed against Sutter Health in the wake of a health information breach, and those suits likely soon will be consolidated into one case, according to a news report.
With the threat landscape significantly different since it issued its guidance four years ago, NIST sets out to revise Special Publication 800-61, Computer Security Incident Handling Guide, with help from industry, government agencies and academia.
The recent major breach at Zappos.com should lead security professionals in all industries to carefully review how much client information their organization really needs to store, security expert Fred Cate says.
Establishing an effective breach incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations and leaders implement such a program.
Healthcare breach statistics reflect an unfortunate trend: "IT security has not really kept pace with the progress that's been made in the adoption of electronic health records," says Dan Berger, CEO of Redspin.
The hacking group Anonymous Brazil has targeted the websites of several of Brazil's top financial institutions, including Banco Bradesco and Banco do Brasil, with distributed denial-of-service attacks, leaving the sites in the dark, the Associated Press reports.