Information Security

Despite repeated warnings from the GAO, the IRS has not done much to improve its security posture, and the tax collector was chastised in yet another federal audit.

Gene Schultz, who died on Sunday at the age of 65, is remembered as one of the most accomplished and respected professionals in the field of cybersecurity.

A national competition was launched on Monday to identify the next generation of cybersecurity experts.

The Information Systems Audit and Control Association (ISACA), a nonprofit association of information security, assurance and IT governance professionals, on Wednesday issued a new guidance document outlining a business model for information security. The document is the result of two years of research and expert review and is intended to provide a blueprint to align security projects with business strategy, said Rolf von Roessing, international vice president of ISACA. The technology-neutral model addresses various aspects of IT and privacy and is applicable across industries, countries and regulatory and legal systems. ISACA members can receive the full document for free and nonmembers can receive an introductory guide at no cost. — AM

The United States is lacking an adequate number of individuals within the federal government and private sector with the technical skills necessary to secure cyberspace, concludes a new public policy report.

The U.S. Department of Homeland Security (DHS) now is responsible for ensuring agencies comply with federal information security requirements, according to a recent memo issued by the federal Office of Management and Budget (OMB).

IT security professionals often have high career goals but, to their detriment, fail to adequately plan their careers, according to a survey released on Monday by IT security career consultancy website Information Security Leaders. The survey of nearly 1,000 practitioners found that 65 percent were "more than confident" that they will reach their ultimate career goal. A majority aspire to be a CSO, CISO, consultant or to start their own company. But 83 percent of respondents did not have a written career plan. Those with a defined plan earned "significantly more" money and than those without one, the survey also found. — AM

The emergence of cloud technology presents IT practioners with a unique opportunity: The chance to build security in as opposed to bolting it on, Art Coviello said in a keynote Tuesday at the RSA Conference.