The president's proposed cybersecurity legislation does not include strong enforcement for securing privately owned critical infrastructure.
Source code for ZeuS malware has been leaked on the Internet -- or has it? At least one researcher thinks it could be a freeware marketing ploy to build demand for peripheral services.
A survey of C-level executives predicts that the federal IT security workforce will double in the next five years, but budget squeezes and a shortage of qualified workers might make that a tall order to fill.
The National Strategy for Trusted Identities in Cyberspace envisions an industry-led ecosystem to securely manage identities in cyberspace; the test of its success might well be government's willingness to adopt it.
Microsoft, which picked up a block of slightly used IPv4 addresses from bankrupt Nortel, has agreed to transfer them according to official policy, heading off a confrontation over who controls the legacy addresses.
A recent dispute over whether Google Apps for Government is properly authorized has been clouded by term "FISMA certified." But it’s debatable whether there is any such thing.
Symantec's Internet Security Threat Report details a shift toward online attacks that draw on social media information and target high-value victims, such as those in government.
More complex security environments require the use of whitelists to effectively combat attacks such as advanced persistent threats, one vendor says.
The recent discovery of an advanced persistent threat inside RSA proves what the company had been saying for weeks: This new breed of threat against high-value targets is probably inevitable.
The most recent OMB report on FISMA compliance includes new metrics on IT security performance. The results are mixed; the real test will be the progress from this baseline measured in future years.
As the world becomes more mobile, will attackers abandon the tethered desktop in favor of handheld devices as the target of choice for malware?
Recovering and reallocating unused IPv4 addresses will not significantly extend the life of the address pool or delay the need to transition to IPv6, says the Internet numbers registry.
You have to be careful in handling personal information, but legislation that would prohibit most uses of biometric data and RFID would throw the baby out with the bathwater.
Microsoft's Scott Charney says there are some threats in cyberspace that we're probably going to have to learn to live with.
Everyone agrees that public/private partnerships are necessary to improve cybersecurity. So why is everyone still asking for them?