Many organizations aren't devoting enough resources to ensure that applications for mobile devices are secure, says security expert Jeff Williams. He offers five tips for adequately addressing mobile application security.
Partisan bickering surrounding a bill aimed at protecting the nation's critical IT infrastructure is the likely reason the measure will not come up for a vote in the lower chamber this week, as representatives debate four other cybersecurity bills.
Rep. Dan Lungren introduced an amendment to his onetime bipartisan cybersecurity bill that won only the backing of fellow Republicans with Democratic members of the House Homeland Security Committee objecting to the changes.
Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.