Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
The Cybersecurity Act of 2012 is finally coming up for debate on the Senate floor, and a number of senators say they'll introduce amendments to tweak the bill to their liking.
Security personnel should be required to prove not only that they know how to do things right, but also that they know how to do the right thing. They must demonstrate commitment to ethical behavior.
In the latest update, much was left unsaid about the Global Payments data breach. And if I were a Global customer or card-issuing entity, I'd have some serious follow-up questions.
Today's malware threats are designed to quietly and slowly spread to other hosts, gathering information over extended periods of time that leads to exfiltration of sensitive data and creates havoc. Here's what NIST says organizations should do.
How can organizations improve their e-discovery efforts? According to David Matthews, deputy CISO for the City of Seattle, it comes down to building up the necessary skills within your own team.
The National Institute of Standards and Technology says intrusion detection and prevention software has become a necessary addition to the IT security infrastructure of many organizations.
The number of IT security job postings is up 60 percent this year on technology job board Dice.com. What are the top five most in-demand security skills, and what do these jobs currently pay?
Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
Data breaches are growing, but Verizon's Chris Novak says most incidents could be prevented by more diligent database monitoring. So what specific steps should organizations take to mitigate their risks?
The number of phishing sites is at an all-time high. And so are the targeted brands. The message, says Peter Cassidy of the Anti-Phishing Working Group: "No brand is safe."
The PATCO Construction Inc. case, recently reversed by a U.S. appeals court, is seen as a win for fraud victims. But what are the takeaways for banking institutions? Attorney Joe Burton offers insight.
From application security to the network, information security career options are exploding. What are the top jobs, and how must infosec pros distinguish themselves to prospective employers?
Organizations first using the cloud have the chance to test and identify issues. Yet, many neglect to do so, says Gartner's Anton Chuvakin, who offers recommendations for secure cloud computing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
