Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
The new omnibus rule makes it clear that business associates must comply with HIPAA. And the latest additions to the federal health data breach tally put a spotlight on why some BAs need to improve patient data protection.
The FFIEC has issued proposed risk management guidance for the use of social media. Find out about the key recommendations, and why experts say the guidance could prove valuable to banking institutions.
With Congress facing $1.2 trillion in budget cuts, Federal Chief Information Officer Steven VanRoekel says funding for cybersecurity initiatives will likely be affected. But with smart planning, government information technology should not be placed at risk.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
The Government Accountability Office is preparing a comprehensive analysis of the nation's cybersecurity strategy to determine its effectiveness in securing government IT and critical information infrastructures.
Most U.S. Defense Department contractors would be required to report a data breach to the Pentagon under provisions of the National Defense Authorization Act agreed to by a House-Senate conference committee.
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.