 Risk Management

Targeted attacks cost companies an average of $200k

May 22, 2012

A recent survey indicates that successful targeted attacks end up costing companies more than $200,000.
 

Report says cyber security still takes a backseat for major companies

May 18, 2012

A recent study finds that major enterprises have yet to catch on to the importance of cyber security.
 

The new e-discovery playing field

Andy Teichholz, senior e-discovery consultant for Daegis April 16, 2012

Risks exist in the e-discovery process, as sensitive information frequently moves and is stored outside a company's firewall.
 

Attention executives: Make sense of security (finally)

Michael Fey, SVP of advanced technology and field engineering at McAfee April 03, 2012

Boardrooms are finally buzzing with serious discussion around cyber security as countless high-profile breaches have produced massive loss.
 

Tightening the fed's belt: Government Roundtable

April 02, 2012

At a recent SC Magazine Roundtable, gov't security pros bemoaned the difficulty in obtaining resources. But instead of crying over spilled milk, they traded ideas for mitigating risk in a down economy.
 

GAO calls on feds to better address supply chain risk

March 27, 2012

The GAO, which performs audits, evaluations and investigations on behalf of Congress, examined four agencies whose duties involve national security: the Energy, Homeland Security, Justice and Defense departments.
 

Making risk management more manageable

Anthony Di Bello, product marketing manager, Guidance Software March 23, 2012

Most businesses don't understand how to manage risk, yet we live in a world full of risks, says Guidance Software's Anthony Di Bello.
 

Sponsored Video: John Vigoroux of M86 on security industry issues

Eric Green, program director, SC Magazine March 05, 2012

John Vigoroux, CEO of security at M86, discusses the challenges facing the IT industry today at this year's RSA Conference 2012.
 

RSA Conference 2012: Risk management in the enterprise faces challenges

March 02, 2012

A panel discussion on risk management hovered around issues of balancing the scientific element of data gathering with the art of interpreting the information.
 

Security risk management: Engage, monitor and mitigate

November 01, 2011

As targeted attacks scale up and become more sophisticated, expertise in risk management has become one of the most in-demand skill sets a security manager can have, reports Jim Romeo.
 

Health care must respond to shortfalls

November 01, 2011

Security experts believe that robust risk management programs should be a pillar of business planning, says SC Magazine Editor-in-Chief Illena Armstrong.
 

NIST releases continuous monitoring guidance

October 05, 2011

The National Institute of Standards and Technology late last week published new guidance to help organizations develop and implement an information security continuous monitoring (ISCM) program. This initiative can help companies better provide ongoing awareness of threats and vulnerabilities, assess the effectiveness of deployed security controls and support risk management decisions, according to the 80-page guidance document. A mature ISCM program, which requires the use of both automated and manual processes, will enable companies to move from compliance-driven to data-driven risk management.
 

Cloud: A risk/reward proposition

October 03, 2011

Assessing what level of risk is acceptable to one's business is key to any move to the cloud, says Siobhan Byron, president of Forsythe Technology Canada.
 

Sponsored video: Steve Livingston of Deloitte on risk

September 22, 2011

In a conversation with SC Magazine Executive Editor Dan Kaplan, Steve Livingston, principal of Deloitte Enterprise Risk Services, chronicles how people, processes and technology can combine to create a robust risk framework that achieves buy-in from senior management.
 

The case for articulating security risk in a down economy

Patricia Titus, vice president and chief information security officer, Unisys July 12, 2011

Despite an astonishing sequence of breaches this year, expect business executives to remain tight with their purse strings, unless security professionals can accurately convey risk.
 

DHS unveils new programs for software security

June 27, 2011

Software buyers may soon have access to more secure offerings, thanks to a new scoring system that will allow end-users to demand more assurance.
 

A new era for risk management

Justin Somaini, CISO, Yahoo! June 01, 2011

The ability to ascertain the risk tolerance of the business gives us a benchmark to hit as opposed to just "guessing" and then getting political pushback.
 

Managing becomes more complex

June 01, 2011

The risk environment is becoming more complicated as time goes on and criminals become more and more sophisticated.
 

Ready for 2011? Five questions for CISOs

Brian Barnier, ISACA January 18, 2011

 

IBM buys compliance software firm OpenPages

September 16, 2010

IBM on Wednesday announced that it has agreed to acquire Waltham, Mass.-based risk and compliance management software provider OpenPages for an undisclosed sum. In a news release, IBM said the acquisition will expand its ability to help businesses address risk management and compliance challenges. OpenPages, which will be integrated within IBM's Business Analytics software portfolio, offers solutions to assist organizations with internal audits, vendor risk management and IT risk and compliance management. The company has more than 200 clients, including Barclays, Duke Energy and Carnival Corp. — AM
 

Birds of a slightly different feather

June 01, 2010

When the stakes are as high as they are today, relative to protecting organizational information and data, having risk and policy management capability is worth a lot, says Peter Stephenson.
 

GAO applauds DHS critical infrastructure protection plan

April 07, 2010

An updated U.S. Department of Homeland Security (DHS) plan for protecting critical infrastructure facilities improves regional protection, risk management and resilience, according to federal investigators.
 

Guide released to mitigate damage of cyberattacks

April 01, 2010

Cybersecurity responsibility must extend beyond the walls of IT and into the finance department - or companies risk continued losses, according to a new report.
 

RSA Conference: Cater security message to business needs, panel

March 03, 2010

Security professionals are most likely to receive management buy-in when they customize their funding pleas around the needs of the business, a panel of experts said Tuesday at the RSA Conference.