For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Computer scientists at the Georgia Institute of Technology are developing new ways to apply encryption when storing or searching data in the cloud, says Paul Royal, associate director of the university's information security center.
U.S. Attorney Steve Wiggington says identity theft, especially linked to card skimming, is still the No. 1 fraud threat facing financial services institutions as well as consumers. He stresses information sharing is critical for fighting fraud.
Shoring up mobile security gaps should be a top 2014 priority for financial institutions, says Gartner analyst Anton Chuvakin, who contends many other security issues, including managing cloud vendors and other third parties, aren't so urgent.
Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.
New requirements to mitigate payment card risks posed by third parties, such as cloud providers and payment processors, are a focal point of the PCI Security Standards Council's updated data security standard.
As Michigan deploys its Cyber Civilian Corps, the state will need to address some of the same challenges the federal government faces in sharing cyberthreat information between the government and the private sector, state CIO David Behen says.
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
Banking executives were among the CEOs who met with President Obama at the White House to discuss cybersecurity strategies. Paul Smocer of BITS explains how this discussion may pay off for financial institutions.
Pennsylvania Chief Information Security Officer Erik Avakian explains how the commonwealth is using a $1.1 million federal grant to pilot a program to furnish single identities to residents who transact state business over the Internet.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?