NIST information risk guru Ron Ross, in a video interview, previews new guidance from the National Institute of Standards and Technology that's aimed at helping organizations architect their IT infrastructures to be secure from the get-go.
In the wake of its data breach last year, Target Corp. is overhauling its information security and compliance practices, launching a search for a new CIO and creating the position of chief information security officer.
Social networking site Meetup has been facing ongoing DDoS attacks. It received a notification the attacks would continue unless it paid a fee, which highlights the rising concern of extortion tied to DDoS.
Legislation has been introduced in the House and Senate that would require a "kill switch" on smart phones, allowing consumers to remotely wipe personal data from their mobile devices if they're lost or stolen.
Identity is the new perimeter, and that concept stretches organizations into lots of new directions when managing access and privileges - especially in the mobile age, says John Hawley of CA Technologies.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.