Enterprise security leaders largely understand the business problems posed by a lack of privileged access management. But understanding and overcoming the obstacles to deploying a successful PAM rollout? That's the real challenge, says Alex Mosher of CA Technologies.
Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
John Kelly, in his first speech as the U.S. homeland security secretary, says the American government can't combat the cyberthreat without the active collaboration of the private sector. "The government, God knows, can't do it by itself," Kelly says.
Bryce Austin, a former technology lead at Target during the retailer's massive November 2013 breach, says the role of the CISO needs to evolve, ensuring that cybersecurity is balanced with the overall needs of the company. He claims tying the CISO's performance to the company's revenue is the best way to do that.
New documents dumped online by the Shadow Brokers group have revealed apparent NSA programs designed to target SWIFT service bureaus in the Middle East as well as a slew of exploits designed to infect Windows systems, patched last month by Microsoft.
Card-not-present fraud rates in the U.S. have not skyrocketed like some experts predicted in the wake of EMV, according to Visa. And Visa's Margaret Reid says that's likely because most large e-commerce merchants in the U.S. are using sophisticated fraud prevention tools that have so far kept fraud rates at bay.
Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been using leaked Hacking Team spyware to infect targets, says security firm F-Secure.
Concern about privacy spurs consumers to work more closely with their banks, says Robert Zerby, vice president and financial crimes manager within the Community Banking Risk Management division at Wells Fargo Financial Crimes Risk Management.
Park a police car beside a road, and traffic slows down. David Pollino of Bank of the West takes a similar approach to mitigating the insider threat at the institution. What is the bank's 'noisy' program, and how does it discourage rogue behavior? Pollino explains.
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
Over the past year, fines levied by various regulatory agencies against breached entities have helped to shape and clarify what cybersecurity attorney Joseph Burton calls the cybersecurity standard of care - a standard for reasonable security that courts will turn to when determining liability and fault in the wake of...
When it comes to vulnerability management, many organizations opt to protect only their most critical security gaps - but, meanwhile, the criminals exploit the secondary vulnerabilities. Kevin Flynn of Skybox Security explains why context is everything in managing vulnerabilities.
It has been roughly two years now since the advent of the Retail Cyber Intelligence Sharing Center. How has information sharing improved cyber defenses? And how have criminals upped their game? Brian Engle of R-CISC shares insight.
Mayra Koury wears a lot of hats at $2 billion Tech Credit Union in San Jose. One of them is fraud investigator. Hear how she single-handedly staked out the institution's ATMs and helped law enforcement catch a skimming fraudster in action.
Forty targets in 16 countries were attacked using advanced attack tools and techniques that match the capabilities documented via the "Vault 7" stash of alleged CIA network exploitation documents released by WikiLeaks, Symantec says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.