More malware attacks fueled by Citadel and Reveton are getting attention from federal authorities, which say banking institutions and consumers should be on high alert. What can institutions do to mitigate emerging malware risks?
One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.
The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: Socially-engineered schemes that compromise employees. So, what can institutions do about them?
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Today ends National Cybersecurity Month, and one thing is clear: cybersecurity awareness does not equate secure cyber. "The market still doesn't appreciate how much good cybersecurity is worth," Rep. Jim Langevin says.
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.