The SEC in 2011 issued staff guidance on disclosure obligations regarding cyber-risks and incidents. Now, Senate Commerce Committee Chairman Jay Rockefeller wants the SEC commissioners themselves to provide the guidance.
The potential loss of experienced personnel could lead to a shortage of skilled employees and place a greater burden on the existing cybersecurity staff, as well as seriously affect the daily operations of the federal government.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
A rider covertly added to the law to fund the government through September requires select agencies to assess technology purchases for cyber-espionage and sabotage, a process that could make it harder to buy wares to secure IT.
American Express confirms it was hit this week by a distributed-denial-of-service attack. The hacktivist group that has targeted banks in recent months claims credit for this latest high-profile attack.
Computer networks in nations where the government has ratified international cyber-agreements have lower incidents of malware infection, says Paul Nicholas, Microsoft senior director of global security strategy and diplomacy.