While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
On Christmas Eve, Target issued a warning about phishing scams linked to its breach recovery efforts. In response, the retailer says it is launching a dedicated resource page on its website for official communications.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.
Jeh Johnson, the new secretary of Homeland Security, is expected to become one of the top advocates of the administration's cybersecurity policy as the White House shifts more IT security responsibilities to DHS.
Cybersecurity risks posed by inadequate IAM and IT asset management are mounting. Now the National Cybersecurity Center of Excellence has drafted guidance to address banking institutions' unique risks, says Nate Lesser, the center's deputy director.
A Senate committee will soon consider a patent reform measure that is less aggressive than a recently approved House bill designed to help stem the tide of patent infringement lawsuits that sometimes target security technologies.