Elayne Starkey, the state of Delaware's chief security officer, no longer micromanages how cloud services providers secure state data. Find out why she's giving providers more leeway in defining security requirements.
Seeking to boost participation by federal agencies and cloud-service providers in the security vetting program known as FedRAMP, the General Services Administration has issued a two-year roadmap aimed at improving and enhancing the initiative.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
The Council of the Inspectors General on Integrity and Efficiency says government data stored on cloud service providers' servers could be at risk because of insufficient enforcement of government rules.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
The automated version of the IT risk management and governance framework should save project leaders 30 to 60 hours of work over a manual process of building a secure IT system, ISACA President Robert Stroud says.
Apple's advice to always use strong passwords and two-factor authentication ignores that image hackers are bypassing those controls - and celebrities aren't the only victims. Here's what needs to change.
Apple plans to add safeguards to help address security vulnerabilities exploited by celebrity photo hackers. But some security experts contend that the proposed changes won't block iCloud account hackers.
Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.