Coming on the heels of a Government Accountability Office report identifying HealthCare.gov security flaws, a new report by another watch-dog agency finds some security weaknesses, as well as strengths, in the Obamacare site and systems.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
Israeli Prime Minister Benjamin Netanyahu may have been a bit premature to claim Israel has deployed a cyber "iron dome" to protect its critical IT and defense systems. But a new initiative under way will try to do just that.
White House Cybersecurity Coordinator Michael Daniel is under fire for perceived 'bragging' about his lack of technical expertise. But was Daniel, in fact, bragging? And is he off base in saying his job doesn't require deep technical experience?
Cybersecurity experts raise doubts whether the National Security Agency has successfully deployed an automated hack-back system known as MonsterMind as revealed by former NSA contractor Edward Snowden.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'
Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
The U.S. federal government's top telecommunications regulator is proposing a "new regulatory paradigm" by calling on communications providers to step up and assume new responsibilities to manage cyber-risks.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
Effective risk management requires involvement of an organization's top leader; the resignation of Eric Shinseki as secretary of Veterans Affairs means that the VA likely will continue to struggle to comply with federal requirements for IT security.