"Raising the security awareness of your workforce is your best defense against having a breach incident," says David Holtzman, who's on the federal team that enforces the HITECH Act breach notification rule.
U.S. government agencies are eager to gain the service and cost efficiencies of cloud computing, but the Government Information Security Today survey finds they have serious reservations about information security in the cloud.
BITS and the ABA are interested in managing future domains affiliated with bank brands and financial interests. If approved, their domain oversight would allow them to control certain domain names registrations.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
Globally, countries and organizations now recognize the need for a unified approach for managing IT infrastructure services, says Marlin Pohlman of the Cloud Security Alliance. The trick is developing this new set of global standards.
"No one up here wants to stop Apple or Google from doing the incredible things that you do," Sen. Al Franken says. "What today is about is trying to find a balance between all of those wonderful benefits and the public's right to privacy."
ThreatMetrix's Taussig says device identification must be part of layered security measures. Banking regulators want financial institutions to deploy multiple layers of online security. But what does that expectation mean when it comes to investments in fraud detection?
A silver lining is emerging behind the rash of breaches that occur all too regularly. The fact that these breaches make the public more aware of the vulnerabilities is encouraging in efforts to make the Internet safer for all.
The Unisys Security Index shows growing public anxiety about Internet security. Unisys CISO Patricia Titus wonders how restless the public would be if the poll was conducted after revelations of breaches at RSA, Epsilon and Sony.