NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
From smart phones to tablets, laptops to USB devices, consumer technologies are ubiquitous in the workplace - and so is the 'bring-your-own-device' (BYOD) practice of allowing employees to conduct work on their own personal electronics.
But how do these consumer technologies change organizations' approaches to...
Security and privacy officers for global organizations can expect increased work in protecting customer data if a proposed regulation introduced before the European Commission becomes law, cyber and privacy lawyer Francoise Gilbert says.
Recently discovered viruses, consisting of Trojans and other malware, at City College of San Francisco have stolen personal banking information and other data from perhaps tens of thousands of students, faculty and administrators, says John Rizzo, president of the board of trustees.
A legal dispute between a small merchant in Utah and its former payments processor has fueled a debate over contracts between merchants and acquirers. If successful, this case could spur contractual shifts that change the way card brands view liability after card breaches.
Cyberhackers are increasing their efforts to target online credentials. And phishing attacks waged against accountholders at Chase in the U.S. and Barclays in the U.K. have made it clear that banking accounts are the target.
A breach is a disaster, says business continuity specialist Ken Schroeder. So organizing an effective breach-response team does not require a reinvention of the wheel. What it does require is a holistic approach.
It's not a question of if employees will bring their own mobile devices to work and connect to your systems. It's a matter of when. But the benefits of BYOD outweigh the risks, says Malcolm Harkins, CISO of Intel.