Even with the latest disclosures of the efforts the National Security Agency goes through to decrypt Internet communications, enterprises can take specific steps to protect their information from prying eyes.
Special Publication 800-101 Revision 1 is aimed to help organizations develop procedures to deal with the explosion of mobile devices and to prepare specialists to conduct forensically sound examinations.
As the federal government ramps up deployment of continuous monitoring, agencies should significantly reduce the time to certify and accredit IT systems and detect vulnerabilities, says the Defense Department's Robert Carey.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.
The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.
The Federal CIO Council will trim its committees from six to three to focus its efforts on IT security, portfolio management and innovation. Each committee will report to a 14-member executive committee chaired by Federal CIO Steven VanRoekel.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.