Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
Michigan is deploying the Cyber Civilian Corps, a rapid response team that will assist the state and industries during a major cybersecurity incident. It will include volunteers from government, education and business.
Managers at all levels must understand their responsibilities in providing role-based cybersecurity training, says Patricia Toth, a computer scientist at the National Institute of Standards and Technology.
Many healthcare providers and their business associates have a long way to go with their HIPAA compliance efforts. But two new resources from federal regulators could help pave the way to better security.
In case you missed ISMG's 2013 Fraud Summit - or even if you were there and want to share insights with colleagues - I'm pleased to announce the availability of a series of session videos featuring top fraud experts.
HIPAA compliance training can play a critical role in preventing data breaches. Learn why a medical billing company switched to a cloud-based approach to improve training accountability, efficiency and documentation.
As Michigan deploys its Cyber Civilian Corps, the state will need to address some of the same challenges the federal government faces in sharing cyberthreat information between the government and the private sector, state CIO David Behen says.