A wave of distributed denial of service attacks on banks raises the question: Should the owners of the nation's critical information infrastructure, when assessing risk, be held to a higher standard because society relies on them to function?
Website outages at leading U.S. banks have garnered global attention. But how concerned should European institutions be that they could be the next targets? A London-based security expert shares insight.
The past two waves of denial of service attacks against banks began on Tuesdays. Will new attacks start today? Security experts discuss the latest DDoS attacks and how organizations should respond.
Managers and internal auditors don't necessarily see eye-to-eye when it comes to the results of an IT audit. PricewaterhouseCoopers' Carolyn Holcomb explains the challenges and solutions.
NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
The guidance discusses methods, techniques and best practices for the sanitization of target data on different media types and risk-based approaches organizations can apply to establish and maintain a media sanitization program.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
Budgets are a big issue today for those managing their risk management frameworks, says NIST's Ron Ross, who offers his advice on using cloud as a means to save money and improve IT infrastructure.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
September is the peak of the Atlantic hurricane season. How should organizations in the potential path of these storms assess preparedness? Alan Berman of the Disaster Recovery Institute advises.
As a result of the recent Apple-Samsung verdict, CISOs at organizations need to be mindful of where their software is being sourced from, says patent attorney Jim Denaro.
Cyber is part of our everyday lives. Still, in many cases, a natural - or perhaps an unnatural - divide exists between the virtual and physical worlds. This is especially true in the way we deal with crime.
U.S. banking institutions are making solid progress to conform to the FFIEC Authentication Guidance, says William Henley of the FDIC. So, how are examiners responding to banks' good-faith efforts?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
