Articles

  • Verisign Breached Several Times in 2010

    Company: Data Accessed, But Net Root Name Servers Unaffected Eric Chabrow - February 3, 2012
    Verisign Breached Several Times in 2010

    Verisign, operator of two of the 13 root name servers that route traffic on the Internet, has revealed that outsiders attacked its computer network several times in 2010, but top management did not learn of the incidents until September 2011.

  • Risk Management Requires Innovation

    Part 2: Professionals Thinking Outside of the Box Jeffrey Roman - February 3, 2012
    Risk Management Requires Innovation

    Risk-management professionals must think outside of the box in terms of innovation, research and development and partnerships.

  • 7 Steps to Improve Security Incident Handling

    New NIST Guidance Targets Computer Incident Response Eric Chabrow - February 2, 2012
    7 Steps to Improve Security Incident Handling

    Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.

  • Social Media: A Risky Reality

    Networking Behavior Increases Online Bank Account Risks Tracy Kitten - February 2, 2012
    Social Media: A Risky Reality

    Consumer behavior is the biggest concern when it comes to online risks posed by social media. But Bill Wansley of Booz Allen Hamilton says financial institutions can manage those risks. What steps does he recommend?

  • House Panel Approves Cybersecurity Bill

    The Precise Act Gives Lead Role to DHS on Non-Defense IT Security Eric Chabrow - February 1, 2012
    House Panel Approves Cybersecurity Bill

    Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.

  • Anonymous Brazil Targets Bank Sites

    DDoS Attacks Disable Websites Information Security Media Group - February 1, 2012
    Anonymous Brazil Targets Bank Sites

    The hacking group Anonymous Brazil has targeted the websites of several of Brazil's top financial institutions, including Banco Bradesco and Banco do Brasil, with distributed denial-of-service attacks, leaving the sites in the dark, the Associated Press reports.

  • New Guidance on Payments Processing

    FDIC Stresses Due Diligence, Transaction Monitoring Tracy Kitten - February 1, 2012
    New Guidance on Payments Processing

    The FDIC has issued revised guidance describing potential risks associated with relationships to third-party payment processors. What are regulators' new risk-management expectations of banks?

  • Congress to Google: Explain Yourself

    Lawmakers Questions Google's New Privacy Policy Eric Chabrow - January 31, 2012
    Congress to Google: Explain Yourself

    "These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.

  • Mobile Banking: Guidance Coming?

    As Mobile Adoption Grows, So Could Regulatory Action Tracy Kitten - January 31, 2012
    Mobile Banking: Guidance Coming?

    Regulators have hinted at it, and industry experts say it's coming. U.S. banking institutions can expect to see new guidance for mobile banking. The open questions are: When, and in what form?

  • University Breach Lawsuit Settled

    96,000 Receiving Credit Monitoring, Restoration Services Jeffrey Roman - January 30, 2012
    University Breach Lawsuit Settled

    The University of Hawaii has agreed to settle a class action lawsuit involving data breaches affecting about 96,000. It agreed to provide those affected two years of free credit monitoring and credit restoration services.

ARTICLE PCI: A Compliance Challenge

Organizations have started achieving PCI compliance, but it's a struggle for many to maintain, says...

Latest Tweets and Mentions

ARTICLE PCI: A Compliance Challenge

Organizations have started achieving PCI compliance, but it's a struggle for many to maintain, says...

The ISMG Network