The Obama administration is intensifying efforts to get the Chinese government to stop hacking activities following a report that designs for many of the nation's most sensitive advanced weapons systems have been compromised by Chinese hackers.
Breaking into the IT security field - a male-dominated profession - is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she had to overcome and offers strategies for women to grow in their careers.
A Department of Homeland Security system used to conduct background checks has been exposing personally identifiable information of employees and contractors since July 2009. DHS says the vulnerability has been fixed.
If everyone supports the idea of sharing cyberthreat information, then why is information sharing so difficult? Shawn Henry, a former investigator with the FBI, tells how organizations can clear their biggest hurdles.
Democratic lawmakers issue a report contending electric utilities are constantly under cyber-attack, but Republicans respond those attacks target web portals and not the distribution system. Where's the truth?
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
A variation of hack-back - in which a victim of a cyber-attack assaults the assailant's computer or network - could be used to mitigate the theft of intellectual property, according to the Commission on the Theft of American Intellectual Property.
Congress is highly unlikely to enact new laws to require industry to adhere to cybersecurity regulations. But that hasn't stopped a fierce debate among lawmakers and security experts on the value of such rules.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
A distributed-denial-of-service attack in Europe highlights the need for Internet service providers to implement security best practices to prevent future incidents and protect their users, ENISA's Thomas Haeberlen says.