The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Senior leaders in business and government are buying in to the need for more cybersecurity investments as well as threat-intelligence sharing, new research shows. But why are they still struggling to hire the right security pros?
The House Intelligence Committee warns of threats Chinese chips pose to American IT systems. A new film embellishes that danger. Though pure fiction, the plot could help raise the public consciousness about cyberthreats.
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.
Despite what's now been a two-month break from hacktivists' DDoS attacks on banks, we can expect more assaults from Izz ad-Din al-Qassam Cyber Fighters. And this next wave should concern us all. Here's why.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.