From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
In this week's breach roundup, read about the latest incidents, including three healthcare breaches involving missing devices. The largest affected 116,000 patients served by Alere Home Monitoring in Waltham, Mass.
Several legal experts say new federal guidance fleshes out details about how healthcare organizations should de-identify patient data aggregated for research. But one privacy advocate says the guidance is inadequate.
The leaders in Congress on cybersecurity matters are the chairs of the committees that have jurisdiction over IT security. In both houses, chairmanship changes mean new lawmakers will lead legislative initiatives on cybersecurity in the 113th Congress.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.