It's been well over a year since the passage of the Dodd-Frank Wall Street Reform and Consumer Protection Act. How should banking institutions prepare for the hundreds of new regulations expected to come as a result of this landmark legislation?
Melissa Hathaway doubts Congress will enact a cybersecurity law. "I fear we will continue to watch the bills 'sit here and wait, while a few key congressmen sit and debate. It's not easy to become a law," she writes, citing a kid's jingle.
In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.
Former CIA lawyer and senior congressional staffer Suzanne Spaulding will assume the Federal Protective Service, Infrastructure Protection, Risk Management and U.S.-Visit portfolios. Current Acting Deputy Undersecretary Greg Schaffer will oversee cybersecurity.
Information security poses a major challenge to the widespread adoption of cloud computing, yet the Cloud Security Alliance, an association of cloud stakeholders, sees the cloud as a provider of information security services.
As smartphone usage grows, so do emerging threats of mobile malware. When it comes to mobile banking security, financial institutions can only do so much. Security solutions will have to come from mobile vendors, says ENISA's Giles Hogben.
Want to reduce ATM skimming incidents? Heed the advice of Seattle-area banking institutions and law enforcement officials, who have gleaned a half-dozen clues from that region's recent fraud investigations.
Breach notification laws in most states would be preempted if a bill approved by the Senate Judiciary Committee becomes law. But that's a big if because of GOP objections, such as those voiced by the panel's ranking member, Charles Grassley.
Known as "recursion" among his LulzSec compatriots, Cody Kretsinger is among the hacking group's members responsible for the breach of Sony Pictures Entertainment computers between May 27 and June 2, according to federal authorities.