When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. More >
Several sources are reporting new POS malware hitting retail businesses, and a Dell study reveals lack of upgrades and maintenance to be one problem behind the attacks. More >
IBM is trying to create a community through which IT security professionals can collaborate to better identify threats and share alerts. More >
Phishing and spearphishing are in the news, and many more frightening attacks will never be widely discussed. Investing in user training is a little-used defense. More >
As Rob Enderle has discovered, even police departments aren't safe from the latest ransomware and scams. More >
The Verizon report should be met with a certain amount of skepticism because painting a bright picture serves the carrier that makes its money based on its network being used. More >
Phishing and spearphishing are in the news, and many more frightening attacks will never be widely discussed. Investing in user training is a little-used defense.More >
New privacy threats and concerns have created the opportunity for IT professionals to fill a crucial role within the organization. A new cert addresses the need.More >
Don't ignore these potentially serious vulnerabilities.More >
While many enterprises are clearly realizing promised benefits from public clouds, there are still challenges and a consistent set of concerns.
The code review, or in developer parlance, the pull request, is the number one way to set the tone, rhythm and bar needed to build a high-performing team.
Until recently, much of the industry has been focused on applying principles used to manage physical records but they are now realizing that records management is no longer a sufficient solution.More >
This publication provides guidance on protecting the confidentiality, integrity, and availability of information processed...
This guide will assist organizations and system owners in making practical sanitization decisions based on the categorizat...
This publication provides a set of procedures for conducting assessments of security controls and privacy controls employe...
This three-volume report presents an analytical framework that organizations can use to develop effective cybersecurity st...