President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
With a need for more than 4,000 new specialists over the next two years, the U.S. Cyber Command will look within the military for help, providing training to enlistees to re-invent themselves as cyber pros, Defense Secretary Chuck Hagel says.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
(ISC)Â² is celebrating its silver anniversary as a global organization educating and certifying information security professionals. What are the key threats and trends driving the profession's future growth?
Having cyber-responders from various civilian agencies located on the same campus should help foster new ideas to battle threats to critical government and private-sector IT systems, a top administration official says.
A federal advisory panel has prepared recommendations for security and privacy best practices to use when a patient's representative, or proxy, is authorized to view, download or transmit electronic health records, such as through a portal.