NIST information risk guru Ron Ross, in a video interview, previews new guidance from the National Institute of Standards and Technology that's aimed at helping organizations architect their IT infrastructures to be secure from the get-go.
Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity, equates the department's continuous diagnostics and mitigation initiative with a medical probe detecting an infection in the human body.
When it comes to building a breach response team, too many healthcare organizations use a "volunteer firefighter model," taking inadequate steps to prepare for incidents, says security expert Brian Evans.
In the wake of high-profile breaches and data leaks, the government will pay a lot more attention to information security. Are security pros ready for this scrutiny? Professor Eugene Spafford has his doubts.
Identity is the new perimeter, and that concept stretches organizations into lots of new directions when managing access and privileges - especially in the mobile age, says John Hawley of CA Technologies.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
Cybercrime. Privacy. The power of big data and mobility. These issues are as challenging to India as they are to any global region. Vinayak Godse of DSCI discusses his organization's role in improving cybersecurity.