In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they truly all appreciate the risk key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Both candidates have made fleeting references to cybersecurity during the presidential campaign, but neither has addressed the matter in detail. How different would a President Romney be from a second-term President Obama?
The great thing about fraud examination is that you can really play to your own strengths when choosing a career. The following six job roles are just a few of the career paths a fraud examiner might take.
"We find it hard to believe that there are any reasons or basis to oppose this legislation," presidential counterterrorism adviser John Brennan says of the Cybersecurity Act of 2012. "I'm just very puzzled as to why individuals would oppose this."
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
The White House Office of Management and Budget, in its yearly Federal Information Security Management Act report to Congress, gives departments and agencies mixed grades in their efforts to secure federal IT for fiscal year 2011.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.