Security personnel should be required to prove not only that they know how to do things right, but also that they know how to do the right thing. They must demonstrate commitment to ethical behavior.
In the latest update, much was left unsaid about the Global Payments data breach. And if I were a Global customer or card-issuing entity, I'd have some serious follow-up questions.
Insider fraud schemes at three banks in Minnesota, Texas and California illustrate just how difficult it is for institutions to thwart inside jobs. So what steps should banks take to mitigate their risk?
The National Institute of Standards and Technology says intrusion detection and prevention software has become a necessary addition to the IT security infrastructure of many organizations.
At a time when information security sees record growth - in every sector, there are more open positions than professionals to fill them - ISMG's new Job Board offers new resources to job seekers and employers alike.
Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
Data breaches are growing, but Verizon's Chris Novak says most incidents could be prevented by more diligent database monitoring. So what specific steps should organizations take to mitigate their risks?
ISACA just issued COBIT 5 for Information Security, a business-centric approach to governance and IT management. ISACA's Robert Stroud explains what COBIT 5 means to your organization.
The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.
Programs from Carnegie Mellon and the University of Maryland come at a time when organizations not only can't find enough IT security professionals to hire to meet their needs, but often lack the leadership to oversee IT security initiatives.
Falsified credentials are a growing concern for organizations, as job applicants fill their resumes with bogus academic degrees and job titles. Attorney Les Rosen offers tips for better screening.
Removing provisions from the original bill to grant the federal government authority to impose standards on the mostly privately-owned critical IT infrastructure is a concession to win votes from Republicans, who oppose regulation.
How well do U.S. financial institutions conform to the FFIEC Authentication Guidance? One regulatory agency discusses the state of conformance and what its examiners have learned from institutions.
A successful organization in today's business world has most likely cultivated a "brand." Have you ever thought about creating your own brand to enhance your career?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.