Governance

Mon, April 16, 2012 - Anticipating potential pitfalls, detecting warning signs and acting at the first signs of trouble are the keys to a well-functioning governance framework. KPMG's Harvey Okin offers advice on how to identify governance issues before they become real problems.

Wed, April 04, 2012 - As federal agency and department CIOs develop a government-wide mobile strategy, IT leaders face concerns about device flexibility and solid use cases.

Tue, April 03, 2012 - Facing ongoing budget pressure, federal CIOs are being prodded to do more with less as they seek to improve services, consolidate data centers and eliminate overlapping or outdated programs. In a keynote address at the FOSE government IT conference, U.S. CIO Steven VanRoekel said that federal CIOs must reassess their approach to new technology deployments.

Mon, April 02, 2012 - Businesses may have scaled back their security and risk management investments during the economic downturn, but cybercriminals continued to invest. In the coming years, criminal organizations will grow even more sophisticated. To be prepared for what's coming, organizations must adjust their approach to security now.

Fri, March 30, 2012 - Open Source components are a boon to developers, allowing them to efficiently write code without reinventing the wheel. But since open source lacks the notification infrastructure of commercial software, organizations must maintain a running inventory of open source components and their dependencies in production applications or risk deploying apps with known vulnerabilities.

Tue, March 27, 2012 - Businesses are under pressure to enable collaboration beyond the corporate firewall as workers increasingly need to connect with remote colleagues as well as business partners, suppliers and consultants. The challenge to IT departments is that many employees are turning to email and consumer-grade file-sharing services to get their work done and exposing the enterprise to risk in the process.

Tue, March 20, 2012 - For the first time in seven years, the average cost of a data breach in the U.S. has declined. It fell to an average of $5.5 million per data breach in 2011 despite numerous high-profile data breach incidents.

Wed, March 07, 2012 - Appearing before a House subcommittee, executives from Internet service providers such Comcast and AT&T warn against check-box compliance approach to cybersecurity.

Tue, March 06, 2012 - Given that stolen medical records can bring $50 apiece on the underground market, the frequency and magnitude of data breaches involving electronic health records is increasing. In an effort to help CIOs and CSOs build a better business case for enhancing security, a group of standards and security organizations have issued a new report on the financial impact of such data breaches.

Thu, March 01, 2012 - The Republican-proposed SECURE IT Act presents a much narrower vision than bipartisan comprehensive cybersecurity measure, adding no regulations and limiting focus to voluntary sharing of information about threats.

Fri, February 24, 2012 - SSL certificates are a fundamental component of secure online transactions, but a new survey finds that a majority of organizations don't know where or how many certificates they actually have, and nearly as many lack an accurate idea of which certificates are about to expire. Venafi CEO Jeff Hudson says this increases organizations' operational, security and audit and compliance risk.

Wed, February 22, 2012 - The Business Software Alliance surveyed 24 countries that comprise lion's share of global information and communication technologies market to identify the most cloud-friendly policy environments. Where does the U.S. rank?

Wed, February 15, 2012 - Last year saw the rise of malware networks, distributed network infrastructures that exploit popular places on the Internet to repeatedly launch a variety of dynamic malware attacks. Blue Coat Labs has issued six best practices that can help organizations defend themselves against the threat.

Mon, February 06, 2012 - IT professionals know that handing data over to a third-party is always risky, but cloud computing creates unique concerns for IP. Here are nine tips to protect critical corporate data wherever it goes