Should IT security practitioners be deemed professionals like those in medicine and law? That's not an easy question to answer, says Ronald Sanders, former human capital officer at the U.S. Office of the Director of National Intelligence.
The European parliament recently voted to extend and strengthen the European Network and Information Security Agency. What does this news mean for Europe's top cybersecurity agency and for the state of emerging threats across Europe?
The hunt for a Boston Marathon bombing suspect that locked down the city caused massive disruption to business operations, but enterprises that had business continuity plans in place hardly missed a beat.
To retain their customers after a breach of sensitive information, organizations should take the extra step of calling those affected to offer free credit protection services, says security expert Brian Dean.
The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
Kaspersky Lab has identified a new spear-phishing attack involving a Trojan designed to target Android devices. Researcher Kurt Baumgartner says organizations need to be prepared for more mobile malware attacks.
E-mail authentication foils phishing, but authentication is only effective if every partner in the chain adopts it. John Carlson and Andrew Kennedy of BITS explain how institutions can improve e-mail practices.