Enterprises should test the processes they establish to respond to advanced persistent threat attacks, just as they vet their business continuity plans, ISACA International President Robert Stroud says.
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
The British government is seeking quick approval of an "emergency" blanket data retention law that would require U.K. telecommunications providers to store information relating to their customers' calls, texts and e-mails for 12 months.
The Department of Homeland Security confirms that "a potential intrusion" of the Office of Personnel Management's network occurred in March but says officials have not identified any loss of personally identifiable information.
Criminals have begun targeting ATMs in Western Europe using malware, as well as a new generation of stealthier skimmers designed to capture card data and PIN codes. But the stolen data is often used for fraud elsewhere, especially the U.S.
Julie Conroy once was a financial services practitioner who subscribed to Aite Group's research. Today she is one of Aite's top fraud researchers. What was her career path, and what tips can she share?
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
Bob Russo, long-time general manager of the PCI Council, will retire at the end of the year. Stephen Orfei, his replacement, will take the helm in September. Security experts analyze the potential impact of the change.