The arrest of 10 individuals allegedly tied to a global phishing scheme that exploited Facebook is good news. But experts say banking institutions need to push stronger security and authentication to protect accounts.
Eurograbber got banks' attention after compromising out-of-band authentication in Europe. But researchers say it's the knowledge of the hackers behind the attack, not the Trojan, that's most concerning.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
President Obama has proclaimed December as Critical Infrastructure Protection and Resilience Month, and is using that declaration to continue his campaign to get Congress to enact comprehensive cybersecurity legislation.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
The leaders in Congress on cybersecurity matters are the chairs of the committees that have jurisdiction over IT security. In both houses, chairmanship changes mean new lawmakers will lead legislative initiatives on cybersecurity in the 113th Congress.