The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
The final rules for Stage 2 of the HITECH electronic health record incentive program contain multiple provisions regarding privacy and security. Find out what experts have to say about the merits of the new requirements.
One takeaway from the $1-billion-plus verdict against Android-maker Samsung for infringing Apple patents is that the users of infringed technology also could be held legally liable, patent attorney Jim Denaro says.
By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.