Rep. Hank Johnson, D-Ga, has introduced the bipartisan Application Privacy, Protection and Security (APPS) Act of 2013 (H.R. 1913). Its purpose is to require app developers to maintain privacy policies, obtain consent from consumers before collecting data, and securely maintain the data they collect.

The European Union could soon consider a proposal that would give law enforcement the ability to engage in “offensive hacking,” i.e., compromise private infrastructure and systems to gather information via spyware, delete data or even take servers offline completely when there is probable cause to suspect cybercriminal activity.

Infosecurity Europe has released basic figures on last month’s eighteenth annual exhibition and conference: pre-ABC audit figures show a 6% increase in visitors over 2012 to 13,200, with more than 70 new exhibitors.

Cost and lack of support, training, and management approval are the roadblocks standing in the way of secure development, said Steve Lipner, partner director of programme management in Trustworthy Computing Security at Microsoft, in a press conference at Security Development Conference in San Francisco, May 14 2013.

Opening the Security Development Conference in San Francisco, May 14 2013, Microsoft’s corporate vice president of Trustworthy Computing, Scott Charney, called for vendors and governments to follow Microsoft’s lead in conforming to the ISO 27034-1 standard.

By Mark O’Neill Most people have used the Facebook, Twitter, or Google Apps buttons located on websites to log into third-party services. This approach is useful within consumer IT as it enable...

This afternoon, I met the CEO (and co-founder) of Semafone, Tim Critchley. When the invitation to interview him landed in my inbox, I was all set to turn it down. As Critchley himself admits, call cen...

Shortly before the chaos of Infosecurity Europe, I joined David Emm, senior security researcher at Kaspersky Lab, for lunch in a lovely quiet gastro pub in the Oxfordshire countryside. Whilst I frequ...

Last week we published accompanying editorials from our most recent print edition that asked a rather simple question: Should information security professionals be licensed to practice? Arguing in fa...

Comment: Rethinking Safety in the Modern Digital World Eric D Knapp of Wurldtech contemplates what safety means in today’s digital environment

The Prognosis for Medical Device Security Medical devices can be hacked – but how much of a danger is it? Danny Bradbury asks the experts

Comment: Exposing the Myths of Access Rights Management Managing access rights is time-consuming and often considered a mundane task. Nevertheless, making sure only the right people can access company data is a business-critical function. Christian Zander of protected-networks.com addresses a number of ‘myths’ he has encountered when discussing this issue with senior IT management across Europe.

Interview: Dorothy Denning In her heart a true academic, Drew Amorosi tracks down Dorothy Denning – renowned information security researcher and trainer of today’s cyber warriors

Alan Boardman says it’s time to license information security professionals and join the ranks of other esteemed professions

A licensing scheme for information security professionals would create more issues than it solves, according to Hord Tipton

Interview: Larry Ponemon Dr. Larry Ponemon is the chairman and founder of the Ponemon Institute, and one of the nicest people you may ever meet. Here’s what happened when Eleanor Dallaway met the King of Privacy himself…

In Cyberspace, No One Can Hear You Scream Royal Holloway’s Geraint Price and Keith Martin call for innovative approaches to securing cyberspace that go beyond the current practitioners’ toolkit

Comment: Making the Journey from BYOD to BYOPC Is the laptop evolving into a tablet, or is the tablet evolving into a PC? As the device landscape blurs, Yorgen Edholm of Accellion urges enterprises to face the new challenges of how content is secured, synchronized and shared on the new generation of mobile devices

The Politics of Cybersecurity President Obama takes the law into his own hands by signing a recent executive order on cybersecurity for critical infrastructure. Drew Amorosi examines the implications