IT security and privacy lawyer David Navetta says revelations that mobile devices such as the iPhone, iPad and Android maintain hidden files tracking users locations could pose a threat to organizations, regardless of whether the devices are owned by individual employees, the company or government agency for which...
North American Clearinghouse Association, not the government, led the effort to move Food Stamps to e-payments. That's what the government wants to do with the National Strategy for Trusted Identities in Cyberspace initiative, the fed's NSTIC point man says.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
About the same percentage of respondents cite China as a major source of concern for cyberattack as they did a year ago, a McAfee study reveals. What changed? Concern about the U.S. has declined, says study author Stewart Baker.
Physicians who use social media to discuss their work, even without naming patients, risk privacy violations, a recent case in Rhode Island clearly illustrates. The case is an eye-opener for all clinicians about social networking risks.
Healthcare organizations should provide their staffs with training on how to guard against identity theft regardless of whether they must comply with the federal Red Flags Rule, says fraud prevention expert Jeremy Miller.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
"One important element of this effort will be to ensure that we are properly informed going forward about the cyberthreats posed by criminals, terrorists and hostile nations," says Sen. Sheldon Whitehouse, sponsor of the Cybersecurity Public Awareness Act.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.