A recent research paper that raised questions about the efficacy of RSA public-private key cryptography shouldn't alarm IT security practitioners, says Eugene Spafford of Purdue University. Here's why.
Jason Clark, CSO of Websense, has spent a significant amount of time meeting with over 400 CSOs. From his interactions, Clark offers his advice on how chief information security officers can be more effective.
Hacking is behind most large-scale data breaches. What steps can organizations and leaders take to safeguard their information post-attack? Karen Barney of the Identity Theft Resource Center offers advice.
The rise in hacktivism and data breaches changed the information security landscape. These incidents also influenced the content of RSA Conference 2012, says Hugh Thompson, event program committee chair.
Cyber spies in China are suspected of launching an attack against a NATO senior military commander, U.S. Admiral James Stavridis, using a Facebook scam to gather information about Stavridis from his friends and colleagues, according to U.K. newspaper reports.
Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
Consumer advocate Deven McGraw describes what she likes and doesn't like about the privacy and security provisions in the proposed rules for Stage 2 of the HITECH Act electronic health record incentive program.
Far too many identity solutions today rely on simple user names and passwords, says Brent Williams, CTO of Anakam Identity Services - the identity product line of Equifax. But the future of identity is bright, he says.
Because winning the support of CEOs for any new project requires demonstrating a return on investment, information security professionals need to more precisely quantify the potential payoff of their suggested spending on technologies and training, according to a new report.