While most organizations are focusing on compliance, they are ignoring basic human-factor security risks that technology cannot fix, says Hord Tipton, executive director of the International Systems Security Certification Consortium, better known as (ISC)Â².
Getting the healthcare sector prepared for new and emerging cybersecurity threats is a new focus this year for the Office of the National Coordinator for Health IT, says its chief privacy officer, Joy Pritts.
While massive DDoS attacks were dominant in 2013, this year, smaller application-layer attacks going after such things as log-in pages and password files are far more common, says Rich Bolstridge, chief strategist, financial services, at Akamai Technologies.
In light of the critical shortage of information security professionals, organizations must strive to become a "center for security excellence" to successfully recruit the specialists they need, says analyst John Oltsik of Enterprise Strategy Group.
Bitcoin-trading website Mt.Gox was taken offline abruptly as of late Monday, Feb. 24. The news raises concerns about the viability of the online virtual currency as well as security issues associated with Bitcoin.
Log analysis is often used for managed security, but are organizations going far enough with the information they have at their fingertips? Don Gray, chief security strategist for Solutionary, says there is much more organizations could be doing to predict breaches.
Researchers at Dell SecureWorks have identified some 146 unique malware families that are targeting cryptocurrencies. Approximately 100 of those have emerged in just the last year, says Pat Litke, security analysis adviser for the company's CyberThreat unit.
Although the growth of cloud-based data centers offers opportunities to more rapidly deploy applications, it also raises new security issues, says Steve Pao, senior vice president at Barracuda Networks.