The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
A former federal government CISO dismisses suggestions that IT security can be enhanced by tweaking the processes behind the implementation of the Federal Information Security Management Act. FISMA is badly flawed, he argues, and must be reformed by a new law.
How do we lessen the risks posed by mobile devices and their apps, along with direct access provided to proprietary corporate data and networks? Here are five clear, actionable ways to mitigate your risks.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Smaller nation-states have been upping the ante of cyber-attacks for years, and now one has shown us exactly the kind of cyberdestruction that extremist elements are willing and able to conduct, former-U.S. National Intelligence Director Mike McConnell writes.
When you and I say 'cloud,' we may think of two very different things, ISACA leader Peter Spier writes. Partly this stems from a lack of common definition on the term. Read on to see how such confusion can be overcome.