NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
The guidance discusses methods, techniques and best practices for the sanitization of target data on different media types and risk-based approaches organizations can apply to establish and maintain a media sanitization program.
Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
The FS-ISAC's decision to increase the U.S. banking industry's cyberthreat level from "elevated" to "high" is way overdue, Aite's Julie McNelley and other experts say. Here's how banking institutions should enhance security.
In the past, just writing "privacy pro" on a business card could get you into the field. "That's not the case today," says the IAPP's Trevor Hughes, who details today's challenges for privacy professionals.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
If Congress banned the sale of computer wares from Chinese companies to prevent backdoor spying, components made in China would still make it to American shores through products sold by other vendors. Virtually all of them contain Chinese-made parts.