Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Emerging technologies, application vulnerabilities and regulatory compliance force organizations to bridge the development and security silos and find avenues for interdisciplinary cooperation to produce secure software.
The information security profession is at a crucial turning point as professionals scramble to develop new skills in the arenas of cloud computing, mobile applications and social media, a new survey shows.
The possibility grows that hackers could take away control of the car from drivers as more automakers provide vehicle-to-vehicle and vehicle-to-infrastructure communications networks to third-party development.
The leak of 75,000 internal military logs on the Afghanistan war is a major IT security breach, but the fact that the breach - or leak - of such magnitude occurred didn't seem to surprise many. And, two recent reports show why.