IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
Steven VanRoekel says the mobile revolution will fundamentally change the way the federal government serves the public and its employees. But in outlining the Federal Mobile Strategy, the federal CIO hardly mentions security and privacy.
As organizations move to the continuous monitoring of their IT systems to assure they're secure, they rely much more on automated processes. But don't forget the role people play.
In their efforts to enforce security layers and multifactor authentication, are banks and credit unions still missing a core problem - the real vulnerabilities fraudsters are banking on?
"Banks and businesses have to realize: It's not a matter of 'if' when it comes to these attacks," says Barry Rich, CFO of Tennessee's CapitalMark Bank & Trust. "it's just a matter of when."
ACH/Wire fraud was the big story in 2010 and helped influence the updated FFIEC Authentication Guidance. So, have incidents of corporate account takeover decreased in 2011, or are we just hearing less about them?
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
Researchers from Kaspersky Lab say at least two other pieces of malware may have been developed on the same computing platform, perhaps by the same individuals.
When Liberty Bank began reviewing online risks to conform with the FFIEC Authentication Guidance, layered security came up as a weak spot. So how did this community institution address its risks?
How prepared are most U.S. banks and credit unions are the first wave of exams since issuance of the FFIEC Authentication Guidance? Insights from industry experts might surprise you.
A new survey identifies the Top 10 Cybersecurity Trends for financial service organizations. Malware and mobility head the list of risks to watch. What are the other key concerns?
These new sites now make Information Security Media Group the largest global network of information security-focused media sites, reaching the most diverse audience of decision-makers in each of ISMG's key markets.
As 2012 nears and federal regulators prepare to examine financial institutions for conformance with the FFIEC Authentication Guidance, just how prepared are banks and credit unions? The answer may surprise you.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.