When the business demands the latest tools and technologies, saying "no" is not a viable option. "Clearly, these are disruptive things, but they also are extremely valuable," says Simon Godfrey, Director, Security Solutions at CA Technologies UK.
Australia's government agencies can learn a lot from the nation's banks, when it comes to risk management and protecting privacy, says Graham Ingram, General Manager of the Australian Computer Emergency Response Team. "There are too many people in government organisations who are in denial [of risks]," he says.
The Internet is inherently insecure, and the only way to ensure today's evolving information systems is to build them upon three pillars of trust. This is the premise of Mike Ozburn, Principal at Booz Allen Hamilton, which has just authored a new white paper about these pillars.
Banking/security leaders aren't crazy about banking regulators telling them they could have done a better job detecting ACH fraud, and they're eager for more specific guidance on what to do going forward.
In today's world, where certain data must be let in so governments and businesses can realize their missions, firewalls must be able to see the content flowing through networks, NIST Computer Scientists Tim Grance and Murugiah Souppaya say.
Recent incidents of corporate account takeover have pushed regulators, associations and practitioners to call for greater awareness and more collaboration between commercial customers and banks. But is there an ROI to enhanced awareness?
AML concerns heat up, as FinCEN warns U.S. institutions to scrutinize accounts held by foreign political figures. And the unofficial release of an FFIEC draft about online authentication guidance opens regulators to more feedback and criticism.