2014 may well be the "Year of Security," and IT security pros must prepare now for new job demands. ISACA's Robert Stroud offers five New Year's resolutions to help prepare for 2014's security trends.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
How can organizations mitigate the risks posed by the unintentional insider threat? The strategy requires a combination of technical and non-technical solutions, says researcher Randy Trzeciak.
Cyberthreats increasingly target mobile devices, and simple security measures could help end-users slash these incidents by 50 percent. This is the key finding of ENISA's new Threat Landscape Report, says Louis Marinos, the prime author.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
The average insider scheme lasts 32 months before it's detected, says threat researcher Jason Clark, who suggests using a combination of the right technologies and the right processes is the key to improving detection.
Security teams struggling to detect signs of threats hidden in mountains of data are attracted to big data analytics. But experts advise security professionals to take an incremental approach, starting out with smaller projects.
Cybercrime is becoming increasingly sophisticated and it often surpasses the security capabilities of even large corporations.
This document presents:
A maturity model that will help you determine how secure you really are;
5 security questions every CIO should be able to answer;
A new approach based on...
Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
To address the insider threat, Jeremy Walczak of Independent Health is using a privileged identity management system. Walczak and other experts offer detailed insights on mitigating emerging threats.
An emerging concept known as accelerated breach response aims to improve how organizations react to such incidents. What are the hallmarks of the new approach? Attorney Ellen Giblin offers insights.
Because big data brings significant benefits - and risks - CEOs and boards of directors must take charge of developing privacy protection policies, ISACA International Vice President Jeff Spivey says.
The panel would review the latest intelligence and communications technologies to determine the risk of unauthorized disclosure to national security and foreign policy, as well as assess the need to maintain the public trust.
Having the right log and access management tools in place - and not all tools are used by all agencies at all times - doesn't mean that the proper authorities are alerted in a timely manner to activities that could jeopardize the nation's security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing securityintelligence.inforisktoday.com, you agree to our use of cookies.