A lack of clear lines of authority is crippling the nation's ability to protect its critical infrastructure, and congressional dysfunction offers little hope for improvement.
Black Hat attendees are told they should assume they already have been compromised by malicious code, which makes cooperation between industry and the hacker community more important now than ever.
Even the best policies can produce easily guessed passwords, a study finds.
The Pentagon's plan for operating in cyberspace should help quiet concerns of those worried that the strategy goes too far -- or not far enough.
The criminals behind the Zeus botnet busted by the FBI last year were not computer geniuses, agents say, and the complexities that make policing the Internet a challenge can be overcome with cooperation.
The Center for Strategic and International Studies' James Lewis says that, judged by precise criteria, "there have been no cyber wars and perhaps two or three cyberattacks since the Internet first appeared."
Rather than fostering innovation, patents in the technology industry are being used as weapons, both offensive and defensive.
Proposed additions to the Defense Federal Acquisition Regulations System would require contractors to provide minimum security for unclassified but controlled DOD information in their systems.
Targeted attacks against high-value targets are more costly but produce a better return on investment, so cyber criminals are adopting more boutique business models, according to recent research.
The ego-driven hackers haven't demonstrated any significant ability or espoused a particular cause, but they have highlighted the sorry state of security in much of the information infrastructure.
Current attacks against government and contractor systems, both serious and trivial, might not yet amount to cyber warfare, but they raise the possibility of dangerous escalation.
Sen. Patrick Leahy's copyright and trademark protection bill would impose draconian remedies and treat the entire Internet infrastructure as accomplices to online pirates and counterfeiters.
The latest report from VeriSign shows 4.5 million new domain names added this year, which are likely to draw the attention of hackers.
The recent spate of successful targeted phishing attacks demonstrates that e-mail cannot be trusted and any attachment or link, from any source on any subject, must be treated as suspect.
The president's proposed cybersecurity legislation does not include strong enforcement for securing privately owned critical infrastructure.