Application Security can't continue to be the responsibility of just security experts anymore. After all, anyone can code! And while there are certainly best practices, there is no one-size-fits all. A reasonably designed and executed program should make everyone's job easier.
Join this session for first-hand insight...
There's a lot of talk about the malicious insider, but not as much about the unintentional insider. Whether its employees using personal software to simply get the job done or teams selecting and expensing unauthorized software, company information assets are increasingly difficult to manage. The cloud has brought...
With the extensive network systems found in the health care industry, SSH keys are widely used to provide privileged administrative access and to secure machine-to-machine automation for important business functions. However, SSH keys are routinely untracked, unmanaged and unmonitored. This lack of visibility and...
Data in non-production environments occupy a significant percentage of total enterprise data volume--often as much as 80%. Non-production environments also carry more risk than production because there are more direct users. Data security regulations such as GDPR, CCPA, NY DFS etc., do not distinguish between...
From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.
For at least half a decade, HSBC helped to wash hundreds of billions of dollars for drug mobs, including Mexico's Sinaloa drug cartel, as well as move money for terrorist organizations linked to Al Qaeda and Hezbollah and for Russian gangsters. Furthermore, HSBC helped countries like Iran, the Sudan and North Korea...
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
What does it take to securely migrate nearly all your systems and data onto the cloud, phase out your own on-premises data center, and build shared cyber risk responsibility with third-parties? That's a journey under way at health insurer Wellmark. The health insurer's vice president and CISO Thien La will describe...
At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 150 video interviews with industry thought leaders. Here are the highlights.
Strong business resilience metrics for measuring effectiveness, simpler networks and smaller tool sets are all needed to cope with the evolving threat landscape, says retired Major General Earl Matthews, senior vice president at Verodin.
Organizations need to go far beyond putting security software on mobile devices and develop a much broader mobile security strategy, says Michael Covington of Wandera.
Faced with the increasing sophistication and maturity of cyber threats, CISOs and security teams need to devise ways to better cope with the high-stress environment, says Webroot's Gary Hayslip,
The quality of authentication provided by behavioral biometrics is improving, says James Stickland, CEO of Veridium. Nevertheless, he says, "we haven't reached a maturity level where it is used as an explicit form of authentication, but it's certainly now deemed as an implicit form of authentication."
DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.
The CERT Insider Threat Center at Carnegie Mellon University is one of the world's leading authorities on detecting insider fraud, and it has just released Version 6 of its Best Practices to Mitigating Insider Threats.
As part of this research, the center addresses how to detect and prevent insider fraud, as well as...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.