The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
Not all shootings, fires and accidents are of equal import, regardless of the dramatic visuals they may produce. The same can be said about information security breaches.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
Lockheed Martin, the country's largest military contractor, is investigating the root of a "significant and tenacious" attack against its information network. Could this attack be linked to the RSA SecurID hack earlier this year?
See our Full Coverage of the State of Government Information Security Today 2011 survey.
President Obama declared cybersecurity a national security priority in May 2009, in effect making the IT experts at all levels of government the frontline troops defending local, state and federal information assets.
To...
The Obama administration's plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, according to experts who raise open questions about the proposal.
Regulatory compliance expert Harry Rhodes says it's essential to have a formal process in place for objectively assessing whether a security incident needs to be reported as a breach.
Lacking technology is not the problem, says attorney Lucy Thomson. It's that today's technology is not being adequately used to fight modern cybersecurity threats.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.