As NIST continues to develop a cybersecurity framework that mostly private operators of the nation's critical infrastructure could voluntarily adopt, what are the key gaps that still need to be filled?
Microsoft touts new security features built into the Windows 8.1 Enterprise operating system. But are they enticing enough to win over organizations that are reluctant to upgrade from older OS versions?
When it comes to the impending Sept. 23 HIPAA Omnibus enforcement deadline, many smaller organizations are making serious progress - or seriously procrastinating, says compliance expert Margie Satinsky.
The panel would review the latest intelligence and communications technologies to determine the risk of unauthorized disclosure to national security and foreign policy, as well as assess the need to maintain the public trust.
Though others deemed Bruce McConnell as one of the government's most innovative security thought-leaders, he says his vision of how best to secure IT evolved during his just-ended 4-year tenure at DHS as a senior cybersecurity policymaker.
The Federal CIO Council will trim its committees from six to three to focus its efforts on IT security, portfolio management and innovation. Each committee will report to a 14-member executive committee chaired by Federal CIO Steven VanRoekel.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.
After months of delay, a hearing has been scheduled to discuss a controversial accounting of disclosures proposal that calls for giving patients the right to a full report outlining who has accessed their records.
It's an increasingly common question from CEOs. "How is our security program protecting the business?" Pamela Gupta of OutSecure shares insight on what CISOs should demonstrate when they answer that question.
Improper disposal of protected health information poses significant risks, as recent breach incidents demonstrate. That's why organizations need to do a better job vetting disposal companies and verifying that data or devices are actually destroyed.