One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.
As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.
The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: Socially-engineered schemes that compromise employees. So, what can institutions do about them?
Hacking is behind most large-scale data breaches. What steps can organizations and leaders take to safeguard their information post-attack? Karen Barney of the Identity Theft Resource Center offers advice.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
The Obama administration's Consumer Privacy Bill of Rights should be seen as a vital document to help shape an expansive and globally accepted privacy framework in the United States, privacy and data security lawyer Lisa Sotto says.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.