Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
The Consumer Financial Protection Bureau, responding to government auditors, is formalizing a privacy plan that addresses how the federal agency will assess and manage privacy risks and monitor and audit privacy controls, Director Richard Cordray says.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
Israeli Prime Minister Benjamin Netanyahu may have been a bit premature to claim Israel has deployed a cyber "iron dome" to protect its critical IT and defense systems. But a new initiative under way will try to do just that.
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
Two separate audits by the Government Accountability Office show information security weaknesses at the Federal Deposit Insurance Corp. and significant deficiencies in information system controls at the Treasury unit that manages the federal debt.
The Government Accountability Office's Gregory Wilshusen is an empathetic IT security auditor, saying he understands why agencies don't always follow his recommendations. Read why.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
Here's a sampling of the many sessions at RSA 2014 that will provide timely insights for security specialists in the government sector on such topics as vetting foreign technologies and implementing the new cybersecurity framework.
Because of increasing cyber-attacks against government agencies, the inspector general says it's crucial for the State Department to address the continuing weaknesses in its information security program.
Federal agencies audited by the Government Accountability Office showed inconsistent responses to computer breaches involving personally identifiable information.
A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.