It isn't just a staffing shortage that stops organizations from building cyberteams. It's a skills crisis, says SANS Institute founder Alan Paller, who tells why now is the ideal time to fill top roles with qualified professionals.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
Revision 3 of the National Institute of Standards and Technology's Interagency Report 7511 defines the requirements and associated test procedures necessary for products to achieve one or more Security Content Automation Protocol validations.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
The compromise of hundreds of payment cards, apparently tied to fraud worldwide, has been linked to a network hack affecting an Arizona supermarket chain. And the attack involved a new kind of malware, the chain says.
How can security pros help organizations prevent breaches and data loss? The Online Trust Alliance has released its latest guide to data protection and breach readiness, and OTA founder Craig Spiezle offers tips.
Although hacktivists announced suspension of DDoS attacks against banks, other industries are now getting hit, and banks can't afford to get complacent because of the fraud risk, says security specialist Bill Stewart.
Although suggestions in a new Federal Trade Commission staff report do not have the force of law, they do provide guidance on how the agency could enforce American federal laws and regulations to protect the privacy of users of smart phones and tablets.