NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Banking regulators have begun examining institutions for conformance to the FFIEC Authentication Guidance. What gaps will they find? Terry Austin of Guardian Analytics offers insight and security tips.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
WLANs often have weaker configurations and authentication processes that make them vulnerable for attackers to penetrate and gain access to sensitive information. New guidance from NIST is aimed at helping organizations meet security challenges.
"It was purely my networking that saved us and gave us time to defend ourselves appropriately," says Abbas Kudrati of the National Bank of Kuwait, following a recent cyber incident that impacted the bank.
Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"People appreciate being contacted when particular transactions look risky," says Peter Tapling, President and CEO of Authentify. "Out-of-band authentication provides the opportunity to do that in real-time, at very low cost to the institutions."
Far too many identity solutions today rely on simple user names and passwords, says Brent Williams, CTO of Anakam Identity Services - the identity product line of Equifax. But the future of identity is bright, he says.
Detectives have arrested seven suspects and seek 13 more in an ATM skimming investigation involving hundreds of credit and debit cards compromised in parts of Canada, the U.S., Australia and Indonesia.