Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
It's been over three months since the accidental disclosure. When will the final FFIEC authentication update be released? "I don't think we're any less safe," says Gartner's Avivah Litan. "We just need to step up enforcements."
Gigi Hyland, board member of the National Credit Union Administration, says the latest draft of authentication guidance is awaiting final signoff from just one member agency of the Federal Financial Institutions Examination Council.
U.S. Cyber Challenge will hold a series of competitions aimed primarily at college students as part of its April Cyber Quest series, with winners receiving invitations to attend one of several cyber camps to be offered this summer.
A survey of American households - the same one used to determine the national unemployment rate - shows that 37,000 individuals in the United States consider themselves as information security analysts.
From Facebook to Twitter, the new era of business communication and collaboration requires involvement of senior leaders to guide an organization's social media strategy and engagement. It's a big role, and it comes with significant responsibilities.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
"In a natural disaster of this impact, you do not think of saving an organization first, but you think of securing the people stranded there," says AnneMarie Staley, director of global business continuity management at the New York Stock Exchange.
Emerging technologies, application vulnerabilities and regulatory compliance force organizations to bridge the development and security silos and find avenues for interdisciplinary cooperation to produce secure software.