The massive initiative to deploy continuous monitoring at U.S. federal government agencies will be done in phases, with the initial rollout occurring over three years, the Department of Homeland Security's John Streufert says.
As the federal government ramps up deployment of continuous monitoring, agencies should significantly reduce the time to certify and accredit IT systems and detect vulnerabilities, says the Defense Department's Robert Carey.
Organizations incorporating social media into their daily operations tend to have gaps in policies, and key aspects are often an afterthought, says attorney David Adler, who pinpoints areas to address.
What are the most common types of cyber attacks, and where do organizations find themselves most vulnerable?
According to the new 2013 Cyber Security Study:
47 percent of surveyed organizations know they have suffered a cyber attack in the past year;
70 percent say they are most vulnerable through their...
Organizations increasingly engage with customers via social media, but managers often fail to incorporate or enforce key policies. Attorney David Adler offers tips to improve social media management.
Addressing cyber-attacks is not just a technology issue. It requires a holistic view from the entire organization, says ISACA's Jeff Spivey, who emphasizes the need for a framework approach to security.
In the face of advanced threats, organizations need to shift their security posture from breach prevention to incident response, says Tom Cross of Lancope, who discusses new strategies.
Facing advanced cyber-attacks, organizations must shift their focus to detection and mitigation, says ISACA's Jeff Spivey, who outlines four capabilities necessary for effective response.
From sophisticated malware to socially-engineered schemes, banking institutions of all sizes are under constant, multi-channel attack. How can they respond? Daniel Ingevaldson of Easy Solutions shares ideas.
Advanced persistent threats are evolving, and banks can help thwart them by using continuous monitoring for real-time detection, says J. Paul Haynes of eSentire.
As it is often stated, time is money, and this is above all true when it comes to online fraud. It is no secret that the longer a phishing attack stays live the more losses accumulate, often exponentially. Therefore, it is a business imperative to quickly identify and eliminate these threats. As phishing attacks...
From sophisticated malware to socially-engineered schemes, banking institutions of all sizes are under constant, multi-channel attack. How can they respond? Daniel Ingevaldson of Easy Solutions shares ideas.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.
An evolving concept known as "intelligent security" involves using a combination of technologies to detect threats, helping security professionals become more proactive. Learn how pioneers are using the new approach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
