NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
Five pilot projects unveiled by the U.S. federal government, if successful, should build trust in online commerce, helping to boost the economy and create new career opportunities, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
To address the security and privacy challenges magnified by the velocity, volume and variety of big data, the Cloud Security Alliance has formed a big data working group. What are the group's objectives?
One takeaway from the $1-billion-plus verdict against Android-maker Samsung for infringing Apple patents is that the users of infringed technology also could be held legally liable, patent attorney Jim Denaro says.
By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.
People with good analytical backgrounds that understand regulatory compliance are in demand. Their counterparts - defenders of IT systems - will always be in demand.
"We need the tens of thousands that can manage those defenders and then we need 100,000 that are out there learning the trade, that are passionate...
Increasingly, security and risk issues have the attention of boards of directors. What are the keys to discussing these topics with the board? John South, CSO of Heartland Payment Systems, shares tips.