"Accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill," NIST Computer Scientist Tim Grance says.
Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Steven VanRoekel says the mobile revolution will fundamentally change the way the federal government serves the public and its employees. But in outlining the Federal Mobile Strategy, the federal CIO hardly mentions security and privacy.
Complexity is among the most significant information risk challenges IT security practitioners face. Mobile and cloud computing, new technologies, outsourcing and growing threats from malware and people make managing risk more complex.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
Maritime cybersecurity awareness is currently low, to non-existent, says The European Network and Information Security Agency in a recently published report on security challenges in the maritime sector.
These new sites now make Information Security Media Group the largest global network of information security-focused media sites, reaching the most diverse audience of decision-makers in each of ISMG's key markets.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.