The release of the list coincides with the issuance of the Common Weakness Scoring System, which allows software makers to identify vulnerabilities in their programs and buyers to determine whether the software they acquire is secure.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
A silver lining is emerging behind the rash of breaches that occur all too regularly. The fact that these breaches make the public more aware of the vulnerabilities is encouraging in efforts to make the Internet safer for all.
Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Emerging technologies, application vulnerabilities and regulatory compliance force organizations to bridge the development and security silos and find avenues for interdisciplinary cooperation to produce secure software.
The information security profession is at a crucial turning point as professionals scramble to develop new skills in the arenas of cloud computing, mobile applications and social media, a new survey shows.