Concerns expressed by the National Security Agency director come at a time when Congress is split over the role government should perform in determining the security of the mostly privately owned national critical IT infrastructure.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
IT security practitioners should understand why the bits, bytes and network connections - the technologies - are important to their organization's goals. Ignorance of the mission, for IT security folks, isn't bliss.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?
Looking at the international stock market crash and the impact it's likely to have on future investments in fraud detection and prevention, how much can banks and credit unions reasonably afford, when economic stability is shaky and the financial future uncertain?