NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
Alisdair Faulkner of ThreatMetrix says financial institutions and businesses should focus on five key security areas. What make up the top five, and where do banks need to make the greatest fraud-prevention investments?
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
Spear phishing, or targeted phishing, schemes are the industry's most concerning trend, according to a new report from the APWG. So, what can we do to curb phishing attacks? Executives at BITS and FS-ISAC have a new idea.
Security and privacy officers for global organizations can expect increased work in protecting customer data if a proposed regulation introduced before the European Commission becomes law, cyber and privacy lawyer Francoise Gilbert says.