The Security Content Automation Protocol (SCAP) can help take guesswork out of secure system configurations.

In 2009, virtually all health care providers take credit cards - and virtually none of them are PCI compliant.

Consider this: Though there was an overall 15 percent rise in vulnerabilities discovered last year, 60 percent of those uncovered were web application flaws.

How will the providers, carriers and end-users of today protect content, asks Gal Salomon.

We're always happy to hear from you, our readers. Please send your comments, praise or criticisms to scfeedbackUS@haymarketmedia.com. We reserve the right to edit letters.

The role of a security professional in the vendor review process is to help identify which vendors are "critical" to the security of information assets.

Hackers can quickly figure out the weakest link in the network.

U.S. companies with European subsidiaries are likely to encounter data protection difficulties when requesting personal information from Europe.

Information security is still in its formative years. But, as executive leaders' understanding of the need to integrate security strategies into their business plans matures, the IT security professional's role presumably expands in importance. As it turns out, such an evolution is happening in some organizations

Email was once a straightforward vehicle that, contrary to design, became a vector for viruses, trojans and spam. etc. Now, of course, it's a virtual open door exploited by individuals, organized groups of malware authors and cybercriminals to deliver sophisticated and stealthy security threats, which take up residency on desktops and establish extensive strongholds on corporate networks.