The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on re-thinking that dynamic.
"Key, critical company operations materially...
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
When leveraging AI and machine learning to drive banking innovations, it is essential to take a structured approach in implementing security-by-design for conducting proper risk assessment of the organizations and people involved, says Sameer Ratolikar, CISO, HDFC Bank
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on rethinking that dynamic.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on re-thinking that dynamic.
After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal.
As more organizations rely on third parties for various services, managing the security risks involved is becoming a bigger challenge. Three CISOs offer insights on their real-world strategies for success.
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.
Really good third-party cybersecurity risk management is essential to enterprise success. Done well it enables an organization to realize at the speed of business the benefits of outsourced systems and services. Done poorly it results in the business missing out on strategically important opportunities or, even worse,...
The firmware of more than 500 Huawei networking products is riddled with security weaknesses that make the vendor risky to use for 5G networks, a new report contends. The study analyzed more than 9,000 firmware images in 558 enterprise products from the Chinese company.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.
Too many organizations around the world take a "bare minimum" approach to third-party risk management, says Jonathan Ehret, founder of the Third Party Risk Association, who offers risk mitigation insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
