After more than a decade, the Federal Information Security Management Act could use some updating, but Congress should take the time to look at what really has worked.
Distributed denial-of-service attacks are becoming more common, more powerful and the botnets that support them more resilient.
Once again admins are being advised to disable Java in the wake of a new vulnerability. It's time to decide how important this plug-in is to your enterprise and when -- if ever -- it should be used.
A new study of the evolving cyber threat landscape identifies a half-dozen areas likely to be high-profile targets in the immediate future, including something called "trust infrastructure."
Today's systems, policies and procedures were developed to lock information down, not to share it securely. Interoperable credentials could be the key.
New technology doesn't define the cyber threat landscape, say researchers crunching numbers from eight years of Verizon Data Breach Investigation Reports.
The Trojan Upclicker evades automated detection tools by monitoring mouse activity to make sure it is dealing with a human before jumping into action.
Despite taking the safe road by predicting that threats for 2012 would be a lot like those of 2011, the CyberEye still managed to only bat about .500.
With security information limited by screen size, even experts can't tell when they're visiting malicious sites, according to a Georgia Tech study.
RIM's long-awaited BlackBerry 10 OS contains a blacklist of passwords that users will not be allowed to use. Maybe it's not a great idea, but it's a good one.