How well do banks conform to the FFIEC's updated Authentication Guidance? Gartner analyst Avivah Litan says most have made progress, but they still struggle with the details.
Until these deficiencies are fully addressed, a GAO audit reveals, increased risk exists to unauthorized access to sensitive data and programs and disruption of critical operations on managing the federal debt.
Government Accountability Office auditors have identified weaknesses in information security controls at the Securities and Exchange Commission that jeopardize the confidentiality and integrity of the SEC's financial information.
Most bankers doubt that big technology investments will reduce fraud, according to the 2012 Faces of Fraud survey. Why don't they believe technology is the answer?
Global Payments' public response to the data breach that exposed card data on 1.5 million debit and credit accounts has, frankly, raised more questions than offered answers.
As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.
Today's threat landscape is challenging enough. But what happens when organized crime adopts the techniques developed by hacktivists? Learn more about the top 10 threats to security by 2014.
Increasingly, social engineers target unwitting insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? CMU's Dawn Cappelli offers tips.
Components manufactured overseas that go into IT products used by the U.S. government could be exploited by foreign intelligence agents to degrade the security of critical federal government networks and data, the GAO reports.
The Defense Department will employ a two-prong approach - securing the perimeter as well as the data - as it develops its cloud-computing architecture. "We're going to be able to better protect as we get more standardized," CIO Teresa Takai says.
As one team of researchers analyzes a new version of Duqu, a worm related to the Stuxnet Trojan blamed for disabling Iranian centrifuges used to enrich uranium, other researchers zero in on who is behind the worm discovered last fall.
Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.
Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.