Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
Like the cartoonish Kilroy peeking his head over a wall during World War II, unemployment among IT security professionals has bared its head. But don't take these stats as gospel. The data suggest 'full employment' reigns in the infosec community of workers.
An evolving concept known as "intelligent security" involves using a combination of technologies to detect threats, helping security professionals become more proactive. Learn how pioneers are using the new approach.
Sometimes HIPAA training alone is just not enough to drill into peoples' heads why and how patient information needs to be protected. So, how are organizations getting medical staff to do the right thing?
Threats have evolved, and so have our Internet needs. This is why organizations need to explore the security and productivity gains of the next-generation firewall, says Patrick Sweeney of Dell SonicWALL.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.