When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
Regulators push tougher cybersecurity measures. But the challenge for smaller organizations isn't compliance - it's budgets. Wendy Nather of 451 Research defines the 'Security Poverty Line' and what to do about it.
The scheme allegedly involved insiders recruited by fraudsters to steal information about more than 200 individuals and organizations. How can institutions improve background screening and prevent fraud?
As 2012 nears and federal regulators prepare to examine financial institutions for conformance with the FFIEC Authentication Guidance, just how prepared are banks and credit unions? The answer may surprise you.
A new survey finds that 56% of U.S. banking institutions have conducted risk assessments, but 87% have deployed layered security controls. Are banks ready to conform with the FFIEC Authentication Guidance?
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
The plan identifies opportunities to engage the private sector in activities for transitioning promising R&D into practice. It prioritizes the development of a "science of security" to derive first principles and the fundamental building blocks of security and trustworthiness.