Cyberthieves are exploiting weaknesses in the U.S. payments infrastructure as an easy-to-travel avenue for access to intellectual capital, says risk consultant Bill Wansley. What can be done to stop them?
Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.
NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.