We Information Security professionals are a cynical bunch.

I asked on Twitter for some of you to reply to me, answering the following question: "Describe Enterprise Security" in 3 words. You probably wouldn't be surprised what sorts of things people replied with.

Virginia Comonwealth University's Servers Breached

Servers at Virginia Commonwealth University were recently hacked, potentially exposing Social Security numbers for more than 176,000 faculty, students and affiliates at the university and the VCU Health System. No patient information was involved.

On Oct. 24, routine monitoring of servers uncovered suspicious files on one device, according to a statement from the Richmond, Va.-based university.

To read this article in its entirety, please click:

Hacking Incident Affects 176,000

As users discover and attain access to software and services that empower them to do things that used to require IT intervention, IT has to change.

An important and barely noticed aspect of the consumerization of IT concerns the ownership and control of data workflow.

Over the last few years many enterprises have experienced a shift in how work is done with computers, mostly because users have been able to use software with increasingly complex functionality at decreasing prices.

To read this article in its entirety, please click:  

IT Loses Control - and That's Okay

Tiger Team Wants HHS to Offer Updated, Detailed Guidance

The Department of Health and Human Services should provide regularly updated, detailed guidance on all aspects of HIPAA security rule compliance, the Privacy and Security Tiger Team plans to recommend.

At a Nov. 15 meeting, members of the team, which advises HHS on a variety of issues, lament that federal authorities have not provided enough updated guidance on how to maintain healthcare information security.

To read this article in its entirety, please click: 

 HIPAA Security Rule Guidance Sought

The Pentagon is prepared to launch cyberattacks in response to hostile actions that threaten the government, military or U.S. economy, according to a new policy document submitted to congress this week.

The report, obtained by The Washington Post, is the most detailed document so far from the government on its emerging cyberwarfare program, and it warns that adversaries attempting cyberattacks against the United Stated "would be taking a grave risk."