Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
New guidance from the National Institute of Standards and Technology defines an information security continuous monitoring strategy and shows how organizations can create an information security continuous monitoring program.
"The same American ingenuity that put a man on the moon also created the Internet," President Obama says. "We must now harness that spirit of innovation to ... secure technologies to build a safer, more prosperous future for all Americans."
It's been well over a year since the passage of the Dodd-Frank Wall Street Reform and Consumer Protection Act. How should banking institutions prepare for the hundreds of new regulations expected to come as a result of this landmark legislation?
About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records.
With the announcement of a breach affecting 4.9 million patients in the Defense Department's TRICARE healthcare program, there have now been five incidents that each affected at least 1 million individuals since the HIPAA breach notification rule took effect.
Melissa Hathaway doubts Congress will enact a cybersecurity law. "I fear we will continue to watch the bills 'sit here and wait, while a few key congressmen sit and debate. It's not easy to become a law," she writes, citing a kid's jingle.
In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.