Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
Concerns expressed by the National Security Agency director come at a time when Congress is split over the role government should perform in determining the security of the mostly privately owned national critical IT infrastructure.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.
Up to now, banks and business have not paid much attention to hacktivists. But that's got to change. In fact, cybersecurity threats waged by hacktivists pose increasing concern.
How do fraudsters rationalize their actions, and do they feel guilt, stress, or even excitement when they actually cross that line into breaking the law? Read their answers to these questions and more.
Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
You know your company's social media policy is a good one when it starts sounding less like a checklist and more like common sense, says Sherrie Madia, social media expert and author.
Steven VanRoekel says the mobile revolution will fundamentally change the way the federal government serves the public and its employees. But in outlining the Federal Mobile Strategy, the federal CIO hardly mentions security and privacy.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
When Liberty Bank began reviewing online risks to conform with the FFIEC Authentication Guidance, layered security came up as a weak spot. So how did this community institution address its risks?
How prepared are most U.S. banks and credit unions are the first wave of exams since issuance of the FFIEC Authentication Guidance? Insights from industry experts might surprise you.
A new survey identifies the Top 10 Cybersecurity Trends for financial service organizations. Malware and mobility head the list of risks to watch. What are the other key concerns?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.