Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
Spear phishing, or targeted phishing, schemes are the industry's most concerning trend, according to a new report from the APWG. So, what can we do to curb phishing attacks? Executives at BITS and FS-ISAC have a new idea.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
The Europay, MasterCard, Visa standard, commonly used in most global markets, is coming to the U.S. The sooner issuers, acquirers and merchants initiate migrations, the better, says Stephanie Ericksen, head of authentication product integration at Visa.