Responding to disruptive data breaches, dealing with Mirai botnets, hacking back and the need for enterprises to segment their backup environments were just some of the topics dominating this year's RSA Conference in San Francisco.
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
Cloud computing initiatives, network monitoring and risk management are driving network security operations. Meanwhile, federal agencies face record levels of threats yet still rely on manual processes and outdated point tools. Agency network security operations must be modernized to streamline network security...
As ransomware attacks continue to plague organizations in healthcare and other sectors, Maryland is considering legislation specifically identifying ransomware attacks as a crime punishable with prison sentences. California and Wyoming are among the states that have enacted somewhat similar legislation.
Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
Legislation to tighten insider threat defenses at the U.S. Department of Homeland Security has passed the House of Representatives and goes to the Senate, which failed to consider a similar measure that passed the House in the last Congress.
Looking to go at it alone when securing your public cloud environment? Without a clear understanding of its nuances, even the most state-of-the-art solution won't make it past an annual compliance audit.
This detailed guide is for those pursuing PCI DSS compliance on their DIY cloud security environment.
President Barack Obama has signed the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.
Today's ISMG Security Report leads off with House Homeland Security Committee Chairman Michael McCaul and DHS Secretary Jeh Johnson lamenting about the congressional bureaucracy that hinders passage of needed cybersecurity legislation.
President-elect Donald Trump hopes to dismantle Dodd-Frank, which could spell trouble for the Consumer Financial Protection Bureau - an agency created in 2010 to protect consumers from unfair, deceptive and fraudulent business practices.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.
House Homeland Security Committee Chairman Michael McCall calls on Congress to increase spending on quantum computing research to ensure that the United States is the first nation to employ quantum computing as a tool to decrypt data. "We can't lose this one to the Chinese," he says.
A bipartisan group of lawmakers has introduced legislation to encourage agencies to use secure cloud computing services as an alternative to continued reliance on legacy systems, which some government officials and IT security practitioners say puts data at risk.