Successfully implementing the SANS 20 Critical Security Controls requires far more than just deploying systems, platforms or services. Experts offer insights on effective strategies for leveraging technical controls.
Faced with the growing threat of breaches, cyber-attacks and fraud, more organizations are building robust incident response strategies that identify how an investigation would proceed. Experts offer insights on effective investigation management.
NIST awards a total of $7 million in grants to five organizations to develop and pilot reliable and easy-to-use identity credentials that could help build trust in online commerce and boost the economy.
On the one-year anniversary of al-Qassam Cyber Fighters' first announcement about DDoS attacks against U.S. banks, experts discuss what may happen next, including whether the group will join forces with the Syrian Electronic Army.
The National Institute of Standards and Technology is re-evaluating a set of its special publications because of concerns expressed by some leading cryptographers that the National Security Agency might have corrupted the guidance.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
Apple's inclusion of a fingerprint scanner in its iPhone 5S is an important step toward bringing biometrics into the mainstream. But there's a long way to go before biometrics supplant passwords at the enterprise level.
Scientists are discovering ways to make quantum key distribution a more cost-effective and efficient way to securely share encryption keys, but there's still a long way to go before the methods can be practically applied.
Even with the latest disclosures of the efforts the National Security Agency goes through to decrypt Internet communications, enterprises can take specific steps to protect their information from prying eyes.
Special Publication 800-101 Revision 1 is aimed to help organizations develop procedures to deal with the explosion of mobile devices and to prepare specialists to conduct forensically sound examinations.
As the federal government ramps up deployment of continuous monitoring, agencies should significantly reduce the time to certify and accredit IT systems and detect vulnerabilities, says the Defense Department's Robert Carey.