The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
When a former U.S. president acknowledges that he won't use e-mail to correspond with foreign leaders to avoid snooping by the NSA, you know the image of America as a bastion of freedom - at least online - has dropped a few more notches.
Security experts are sizing up the challenges that would be involved in implementing a federal government proposal to continuously monitor employees and contractors with security clearances in hopes of preventing leaks of sensitive information.
The investigation of the disappearance of Malaysian Flight 370 is raising issues that are very similar to those considered in cybersecurity cases, ranging from the insider threat to deleting data from a computer.
Speculation surrounding the cause of the disappearance of Malaysia Airlines Flight 370 hasn't included the possibility of a cyber-attack. But one cybersecurity expert contends hacking an airliner is feasible.
In a preliminary step toward enactment of a new EU data protection law, the European Parliament on March 12 approved a draft proposal for a comprehensive overhaul of the EU's 1995 data protection directive.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
Simple credentials, such as passwords, are a hacker's best friend, says Phillip Dunkelberger of Nok Nok Labs, a founding member of the FIDO Alliance. That's why the alliance is working to reduce reliance on passwords by enabling advanced authentication.
Would determining ahead of time which controls should be examined in an information security audit help the federal government - or for that matter, any organization - better identify vulnerabilities across the enterprise?
Editor's Note: Excerpts of this interview appear in ISMG's Security Agenda magazine, distributed at RSA Conference 2014.
Privacy should be built into the design of all healthcare information technology and related processes, says Michelle Dennedy, who's writing a book on the concept of "privacy by design."
Here's a sampling of the many sessions at RSA 2014 that will provide timely insights for security specialists in the government sector on such topics as vetting foreign technologies and implementing the new cybersecurity framework.