After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Former New York State CISO Will Pelgrin is expanding his influence over information security nationwide as chief executive officer of the newly revised Center for Internet Security that encompasses MS-ISAC and the U.S. Cyber Challenge.
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
The good news is that Indian banking institutions are leaders in information security training. The bad news is that the banks are among the few industries to embrace training and education, says Anil Dhawan of Aditya Infotech Limited.
Emerging technologies, application vulnerabilities and regulatory compliance force organizations to bridge the development and security silos and find avenues for interdisciplinary cooperation to produce secure software.
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.
The Defense Department hopes to prevent future WikiLeaks-style breaches by employing public key infrastructure-based controlled access cards, but that solution won't be fully in place until mid-2013, DoD CIO Teresa Takai says.
The United States Naval Academy is revising its core curriculum and will require midshipmen, beginning with the incoming freshman class entering Annapolis this summer, to take at least two cybersecurity courses during their four years at the school.