At a time when some larger banking institutions are being fined for inadequate anti-money laundering measures, security manager Wendy Chapman says she's taking suspicious activity reporting seriously -- and the efforts are paying off.
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
Phishy HTML pages get past spam filters, and users of RSA's SecurID two-factor authentication products come up with new ways to monitor threats and take preventive steps in the aftermath of a hacker attack against RSA.
This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Phishing represented more than half of the 107,439 cyber incidents compiled by the U.S.-CERT for fiscal year 2010 from federal, state and local governments, commercial enterprises, American citizens and foreign CERT teams.
Skimming remains the top threat to ATMs worldwide, but certain regions are also seeing a rise in logical security breaches - malware - according to Chuck Somers, VP of ATM Security and Systems with Diebold, the global ATM supplier.
"In this future, cyber devices have innate capabilities that enable them to work together to anticipate and prevent cyber attacks and recover to a trusted state," says DHS Deputy Undersecretary Philip Reitinger.
International Airline Employees Federal Credit Union of Briarwood, N.Y., reported earlier this month that suspicious transactions from toll booths in France have been hitting the institution's Visa cards.
Users of RSA's SecurID two-factor authentication products, acting on advice from the company, are devising strategies to monitor for threats and take preventive steps in the aftermath of a hacker attack against the products.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.