The National Institute of Standards and Technology (NIST) has released the preliminary version of its cybersecurity framework for critical infrastructure. The voluntary guidelines were crafted by NIST with the help of private sector input and engagement with industry stakeholders. The final version of the framework is due in April.
A Government Accountability Office report recommends that the Transportation Security Administration no longer fund its behavior detection programs because they are generally ineffective. Its meta-analysis of hundreds of studies found that the ability of human observers to accurately identify deceptive behavior based on behavioral cues is the same as or slightly better than chance.
The IT Risk/Reward Barometer, conducted by the nonprofit global association ISACA, examines the gaps between what people believe and what they do when it comes to the Internet and sharing information online. For example, people tend to fear that their information is at risk, but most continue to be careless with their passwords.