Under federal, state, regulatory, and contractual requirements, Michigan Tech is responsible for developing and implementing a comprehensive information security program. The purpose of this document ...

What are the nuclear security considerations that the extensive use of advanced digital systems and information-technology features bring with them? How do nuclear security regulations address risks ...

The Network and Information Security 2 Directive (“NIS2”) was implemented into law in the EU on 17 October 2024 (implementing legislation available here). NIS2 expands the scope of the original NIS ...

With the increase in cyber-attacks and information security breaches – 72% of large UK firms identified an information security breach in 2018, a rise from 68% from 2017 – the importance of protecting ...

In June 2015, the Office of Personnel Management (OPM) reported that an intrusion into its systems had affected the personnel records of about 4.2 million current and former federal employees. Then, ...

For 22 years, the Government Accountability Office (GAO) has designated information security as a government-wide high-risk area. The Federal Information Security Modernization Act of 2014 (FISMA) ...

In this post, we'll review important elements that must be taken into account prior to implementing ISO 27001, as these are very useful during information security management system (ISMS) planning ...

The title of Chief Information Security Officer, or CISO, emerged during the 1990s as the first large-scale cyber attacks started to occur. Since then, it's become a near-ubiquitous role in any large ...

The Office of Personnel Management (OPM) has improved its information security controls since a breach of its systems affected nearly 22 million Americans, but it needs to take further action to guard ...

How do we manage what we can’t measure? One of the cornerstones of the scientific method is measurability: a focus on defining the ways of counting or measuring aspects of reality that we hope will be ...