In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.
Having the right log and access management tools in place - and not all tools are used by all agencies at all times - doesn't mean that the proper authorities are alerted in a timely manner to activities that could jeopardize the nation's security.
Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
Beyond mobile device and data security, what are the ID and access challenges facing security leaders - and how are cutting-edge organizations tackling them? CSOs Elayne Starkey and Malcolm Harkins share tips.
Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
Because managing identities is a global problem, it requires a global solution, says Paul Simmonds of the Jericho Forum. A new organization has been established to address global identity. Simmonds offers insight.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?