"I'll probably be hanged for this, but I really believe the cloud can be more secure than what we do today," says Tom Soderstrom, chief technology officer at NASA's Jet Propulsion Laboratory.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.
NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
With the surge in use of tablets, smart phones and other mobile devices, it's good to see some privacy and security best practice guidance is in the works.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
As organizations move to the continuous monitoring of their IT systems to assure they're secure, they rely much more on automated processes. But don't forget the role people play.
The bust of six Estonians for one of the biggest online frauds ever is reminiscent of another type of organized crime: drugs. Despite the similarities, there's one big difference between drugs and online crimes.
New guidance from the National Institute of Standards and Technology defines an information security continuous monitoring strategy and shows how organizations can create an information security continuous monitoring program.
The shift to monthly reports of key metrics through CyberScope from annual FISMA filings allows security practitioners to make decisions using more information and more quickly than ever before, OMB Director Jacob Lew says.
The soon-to-be issued FY 2011 Chief Information Officer FISMA Reporting Metrics from the Department of Homeland Security will require agencies to report on their progress in automating the continuous measurement of the most critical security risks.
Two high-profile announcements of penalties for HIPAA privacy rule violations last week came as good news for those of us who've been waiting for enforcement efforts to ramp up.
Computer scientists at the National Institute of Standards and Technology have released five draft documents on various aspects of information security, and NIST is seeking comments on those drafts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
