Are You Testing for the Real World?
While seemingly subtle, the difference between emulation and simulation are crucial when it comes to ensuring realistic testing with reliable, repeatable results.
In order to have confidence in your systems, you need to continually test and monitor them with realistic...
Due to the increase in security breaches over the past few years, you know that legacy approaches to data center security are not adequate. Micro-segmentation could be the answer - but what does it really mean and how do you do it? Read this solution overview to find out.
The U.S. Office of Personnel Management - besmirched by a 2015 breach that exposed the personal information of 21.5 million individuals - turns to the military for its new chief information officer. He's DoD Principal Deputy CIO David DeVries.
The next president of the United States should establish a cabinet position focused on cybersecurity, and Congress should create a more focused approach to funding and authorizing IT security initiatives, says Larry Clinton, who heads the Internet Security Alliance.
Delta is warning that a power failure lead to system outages, resulting in numerous flight cancellations or delays. As more airline-related processes get computerized, experts are asking why the airline's systems aren't more resilient.
There's no doubt the cyber threat landscape is vast and complex. These days, it's not a question of whether a company will experience a data breach - it's when and how extensive.
Understanding the true cost of a breach is critical to an effective response. The 2015 NetDiligence® Cyber Claims Study breaks down the...
A spate of high-profile, high-impact cyber breaches at several of the largest financial institutions in the United States has brought attention to a point that cybersecurity professionals have long taken as an article of faith: boards of directors need to take an active role in the management of cyber risk.
As stated in a recent issue of the FDIC's Supervisory Insights, the risks presented by cyber attacks have become "one of the most critical challenges [in the last decade] facing the financial services sector due to the frequency and increasing sophistication of cyber attacks." In just a year's time, 2014 to 2015,...
Regardless of how many security controls are placed on a network and the components that are involved in making a network operate, there will always be vulnerabilities in a connected world. So, what do you do in an environment that allows for such risk of compromise?
One of the best methods of protecting...
A government watchdog warned four federal agencies that they must be more diligent in implementing their cybersecurity programs. Otherwise, some of the government's most sensitive information is at risk of being disclosed to unauthorized individuals.
After blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.
Anonymous is threatening global banks with 30 days of distributed denial-of-service attack disruptions and temporarily disrupted the Bank of Greece website as a preview. Security experts say all banks should take the DDoS threat seriously.
A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.