Now that the cybersecurity framework has been released, security experts are pondering whether the voluntary approach to following the guidance might eventually need to be replaced by some sort of mandate.
While many organizations rely on employee training to help mitigate the risks of spear phishing, such efforts are generally ineffective, says Eric Johnson of Vanderbilt University, who explains why a technical solution might be better.
Website security firm CloudFlare is warning organizations worldwide to be on the lookout for an increase in larger DDoS attacks. But these NTP attacks are far less sophisticated than the earlier DDoS attacks that targeted U.S. banks.
Leading this week's industry news roundup, FireEye has announced ans extended security platform. Other news includes: Intermedia's new McAfee e-mail defense suite, Trend Micro receiving honors from Gartner and more.
The RSA Conference 2014 will be held Feb. 24-28 in San Francisco, and Information Security Media Group will be the only Diamond Media Sponsor. Learn what's on the agenda at this world-class security event.
NIST has unveiled its long-awaited cybersecurity framework, which provides best practices for voluntary use in all critical infrastructure sectors, including, for example, government, healthcare, financial services and transportation.
Today's threat landscape is rapidly expanding to include cyber-attacks attributed to nation states. How must organizations respond? Mike McConnell, former U.S. National Intelligence Director, shares insight.
The UK Information Commissioner's Office has fined the Department of Justice Northern Ireland Â£185,000 after a filing cabinet that contained personal information about victims of a terrorist incident was sold at an auction.
Some people say the U.S. faces a cybersecurity staffing shortage. Renowned computer science professor Eugene Spafford disagrees. He discusses what he sees as the real shortage and what we can do about it.