The call for an overarching federal cybersecurity strategy comes in the wake of findings from U.S.-CERT that federal agencies reported a nearly eight-fold increase in cyber-incidents over seven years.
Federal regulators have issued draft guidance for the use of social media. What are the specific security risks? The FDIC's Elizabeth Khalil discusses how banking institutions can address emerging threats.
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters warns that DDoS attacks against U.S. banks could resume soon. What tips do security experts offer for DDoS detection and response?
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
It will be a few years until many organizations reach a level of maturity with continuous monitoring. Getting there will take organizationwide acceptance, says George Schu of Booz Allen Hamilton.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
U.S. banks are improving efforts to thwart distributed-denial-of-service attacks. But they're struggling to find the balance between informing customers and giving attackers too much publicity.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
The increase since 2006 in the number of IT security terms found in a new NIST glossary shows the importance of information security in the way we conduct business today.
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.
The complexity of the smart grid introduces a cybersecurity challenge that isn't easy to overcome. ENISA's Konstantinos Moulinos outlines the steps needed to improve smart grid security.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.