The National Vulnerability Database (NVD is a leading source of intelligence on vulnerabilities for InfoSec professionals, and while it provides many benefits, it also has its limitations. This article will explain the advantages of using the NVD for vulnerability management, point out some of the blind spots that have occurred recently, and recommend best practices for successful mitigation.
In this ITSPmagazine An InfoSec Life column, Tadd Wood shares his views on how data—and people—play a role in identifying risk and addressing cybersecurity issues.
Mandy Huth shares a day in her life as Director of Cybersecurity in order to produce further understanding of the challenges InfoSec professionals face and how we might overcome them.
If we want to escape from “cyber hell” – then professionals will need additional training, not only to learn the latest technology, but also to understand public policy and organizational management. Howard Shrobe is looking to change this through professional education initiatives at MIT.
Before rushing headlong into the Internet of Things, it's good to know what happens to the data that all those connected devices collect--and how to protect it.
It's time to stop pretending this is not going to happen to you. At work, or in your everyday life, we need to learn how to live with cybersecurity. If we want to play in an IoT and Internet-connected world, we need to learn how to play by the rules. Nobody has taught you thus far. It's time to get started. Now.
The Payment Card Industry Security Standards Council has updated its data security standard. PCI DSS 3.2 went into effect November 1, which means many organizations are now scrambling to come into compliance--while also preparing for the busiest time of the year.