Organizations that want to protect sensitive data first need to know where it is. But outside of military and government realms, few employees know how to manually classify data, or have an incentive to do so, says TITUS CTO Stephane Charbonneau.
With the rise in awareness of visual security threats and the advent in open plan office environments, protecting data inside the organization is a growing concern, says Ben Rooney, a marketing executive at 3M.
Listen to an audio report on a House hearing where key federal lawmakers explain why Katherine Archuleta should be fired as Office of Personnel Management director in the wake of what could be the largest government breach ever.
Those advocating the use of the ".bank" top-level domain argue that it offers better security than ".com." In part one of a two-part interview, Craig Schwartz of fTLD Registry Services and Doug Johnson of the ABA explain the security provisions.
Chris Feeney, recently named president of BITS, the technology and policy division of the Financial Services Roundtable, describes his top cybersecurity priorities, including helping members deal with insider threats.
Threat intelligence is increasingly being brought to bear to help businesses apply kill-chain concepts, focusing on disrupting discrete parts of online attacks as early as possible, says Fortinet's Simon Bryden.
What's your digital identity strategy? Numerous agencies in countries across Europe - such as the Italian postal service - are creating new approaches to verifying identities and allowing them to be used as a trusted service, says CA's Paul Briault.
The Internet of Things is posing an increased risk to all organizations. One global data center provider, for example, recently discovered that its malware-infected power supplies were part of a botnet, says Chris Richter of Level 3 Communications.
The list of information security threats facing organizations continues to grow longer. But it's up to CIOs to put the right defenses - and priorities - in place, says David White at BAE Systems Applied Intelligence.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.