Enterprise information security management
The challenges of information security management include regulatory compliance, risk management, information security standards, security frameworks, disaster recovery and more. In many IT organizations, the CIO or CSO is responsible for the information security management of the company. Find the latest information security management information for CIOs, including news, tips and other resources, here in this topic section.
Top Stories
-
Tip
08 Apr 2025
Ransomware payments: Considerations before paying
To pay or not to pay -- that's the question after a ransomware attack. Law enforcement recommends against it, but that doesn't stop some companies from paying up. Continue Reading
-
Answer
07 Feb 2025
7 key identity and access management benefits
Identity and access management benefits users, security and IT admins, and it also improves an organization's security posture. Read up on seven key advantages of IAM. Continue Reading
-
News
10 May 2007
Security screeners sue over missing TSA hard drive
A union is suing the Transportation Security Administration (TSA) over the loss of a computer hard drive containing the personal information of around 100,000 security screeners. The lawsuit would require the government agency to encrypt employee data and monitor mobile devices holding worker information. Continue Reading
-
News
12 Apr 2007
Oracle update to fix 37 security flaws
Oracle plans to release patches to plug 37 security holes in its products next week, according to a preview of the upcoming Critical Patch Update released April 10. Continue Reading
-
News
04 Apr 2007
FCC imposes rules to prevent pretexting
The Federal Communications Commission hopes to prevent data burglaries with a set of new regulations for phone companies aimed at preventing the fraudulent practice called "pretexting." Continue Reading
-
News
22 Feb 2007
T.J. Maxx probe finds broader hacking
The TJX Cos., the discount retailer best known for its T.J. Maxx and Marshalls clothing stores, said Wednesday that its hacking investigation has uncovered more extensive exposure of credit and debit card data than it previously believed. Continue Reading
-
News
22 Feb 2007
Google patches vulnerability in Desktop search tool
Google has issued a patch for a serious vulnerability involving Google Desktop that would have allowed attackers to steal personal information and possibly take control of a system remotely. Continue Reading
-
News
08 Feb 2007
Massachusetts leads national TJX data probe
The Massachusetts Attorney General is heading up a group of more than 30 states trying to force answers to how the massive TJX data breach happened. Continue Reading
-
News
11 Jan 2007
No fixes for Microsoft Word zero-day flaws
Microsoft has released high-priority fixes for serious vulnerabilities in its Outlook and Excel applications, but there are no patches in the January batch for known Microsoft Word flaws that are currently under attack. Continue Reading
-
News
03 Jan 2007
Research: IM malware attacks on the rise
With 41 new attacks carried out during December alone, 2006 proved to be a significant growth year for threats distributed over instant messaging systems. Continue Reading
-
News
22 Nov 2006
Small companies ignorant of security?
Small businesses must become more aware that they are potential victims of cybercrime, former White House security adviser Howard Schmidt has urged. Continue Reading
-
News
16 Nov 2006
Remote workers still confused about security
Not only are remote workers a ticking time bomb when it comes to network security, but many also feel IT has no right to monitor their online behavior. Continue Reading
-
News
14 Nov 2006
Security flaw could ground Wi-Fi users
Security monitoring groups warn there's a hole that could allow nearby hackers to execute kernel-mode code the minute you open up your Wi-Fi. Continue Reading
-
News
14 Nov 2006
Users eye iPods as cool enterprise tools
The holidays may bring a flood of new consumer gadgets into the enterprise. New research shows that corporate IT should find ways to include them. Continue Reading
-
News
25 Oct 2006
FBI: Cyberattacks underreported
Companies should do more to report cybercrimes such as hacking and phishing to help federal authorities investigate and ensure that additional data isn't compromised beyond initial attacks, a high-ranking FBI official said. Continue Reading
-
News
16 Oct 2006
Microsoft to give Vista data to security firms
Microsoft will make available parts of key data to security software firms such as Symantec Corp. and McAfee Inc. to enable their products to work smoothly with its new Vista operating system. Microsoft has promised the additional information to comply with European Union requirements that stem from the landmark 2004 decision that MS used its dominant Windows system to damage competitors. Continue Reading
-
News
16 Oct 2006
Online brokerage account scams worry SEC
High-tech crooks are hijacking online brokerage accounts by using spyware and operating from remote locations, sometimes in Eastern Europe, U.S. market regulators said on Friday. Continue Reading
-
News
10 Oct 2006
Remote workers still imperil enterprise security, study finds
Most workers who access data networks remotely or carry company-owned laptops are putting their employers at risk, according to a global security research study from Cisco Systems Inc. Continue Reading
-
News
30 Aug 2006
AT&T hack exposes 19,000 identities
A cyberattack on the telecommunications giant over the weekend affects about 19,000 customers who bought equipment for high-speed DSL connections online. Continue Reading
-
News
24 Aug 2006
Why did Microsoft delay IE Patch?
Microsoft has delayed the re-release of a critical Internet Explorer browser patch because of an internal glitch. Security experts are not happy. Continue Reading
-
News
11 Jul 2006
Research points to faster threat development
Security software maker McAfee Inc. says it has seen a significant leap in the appearance of new threats in the past few years. Continue Reading
-
News
22 Jun 2006
Unpatched iTunes, Skype, Firefox inviting malware targets
Employees are downloading unpatched versions of some of the most popular software applications and presenting a bigger threat to enterprise networks than malicious software, according to a warning from Bit9, an endpoint security vendor. Continue Reading
-
News
25 May 2006
VA not alone in data carelessness, says watchdog group
It isn't just Veterans Affairs that's putting its data at risk. The personal information about Americans isn't safeguarded properly throughout the government, and the consequences could be disastrous, congressional investigators say. Continue Reading
-
News
27 Apr 2006
Special Report: Ideal intrusion defense combines processes and people
What defines good enterprise intrusion defense? In the first installment of Intruder Alert, a special three-day series, IT pros say the best programs thwart not only the bad computing habits of insiders, but also the spyware and other malware they allow in. Continue Reading
-
News
26 Apr 2006
Windows patch problems to force out-of-cycle repair
Microsoft on April 25 re-released a critical update that fixes a Windows Explorer code-execution vulnerability. The patch has caused problems with certain third-party software. Continue Reading
-
News
11 Apr 2006
IBM touts chip-level security
IBM says new technology will allow chip makers to build embedded security features into processors used in mobile handsets, PDAs and other devices. Continue Reading
-
News
03 May 2005
What's the cybersecurity coverage these days?
Though companies are expressing more interest in policies to protect against the onslaught of privacy breaches, such insurance still remains a rarity. Continue Reading
-
News
27 Feb 2005
Security is top CIO concern, survey finds
Network security improvements topped the list of priorities provided by 1,400 recently surveyed CIOs. System upgrades ranked second, followed by database upgrades and installations. Continue Reading
-
News
22 Feb 2005
Symantec, Veritas CEOs tell post-merger story
Symantec CEO John Thompson and Veritas CEO Gary Bloom talk about their post-merger plans for providing blended backup and security products. Continue Reading
-
News
21 Feb 2005
RSA 2005: Experts weigh in on phishing and other e-pariah
Protections against intrusions and productivity drainers like spam are improving, but so are the bad guys. An RSA town meeting addresses what law enforcement's doing about it. Continue Reading
-
News
21 Feb 2005
RSA 2005: A chat with Sybari's Joe Licari
Check out an insider's perspective on Sybari's latest initiatives and what Microsoft's acquisition plans could mean for users who buy in now. Continue Reading