NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
Kaspersky Lab has identified a new spear-phishing attack involving a Trojan designed to target Android devices. Researcher Kurt Baumgartner says organizations need to be prepared for more mobile malware attacks.
A rider covertly added to the law to fund the government through September requires select agencies to assess technology purchases for cyber-espionage and sabotage, a process that could make it harder to buy wares to secure IT.
E-mail authentication foils phishing, but authentication is only effective if every partner in the chain adopts it. John Carlson and Andrew Kennedy of BITS explain how institutions can improve e-mail practices.
Attacks against Facebook, Twitter and other organizations over the past few months should send a message to business owners that they need to better fund cybersecurity, IT security expert Mischel Kwon says.
American Express confirms it was hit this week by a distributed-denial-of-service attack. The hacktivist group that has targeted banks in recent months claims credit for this latest high-profile attack.
Organizations outsourcing card data management to the cloud face significant security risks. How should they prioritize risks when reviewing cloud-vendor solutions? The PCI Council's Bob Russo offers insight.
Understanding big data is not the problem, say Michael Fowkes and Aaron Caldiero of Zions Bank. Figuring out how to use the information contained within big data in a meaningful way - that's the trick.
What's the cost to an organization when it suffers a seurity breach and breaks trust with its own customers? Jeff Hudson, CEO of Venafi, presents results of a new survey on the cost of failed trust.
Venafi has just partnered with Ponemon Group to release a new survey, "The Cost of Failed Trust". Among the key...