Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.
On page five of the 2011 FFIEC Authentication Guidance Supplement, the Agencies state that an institution's layered security should include the ability to detect anomalies and effectively respond to suspicious or anomalous activity. Anomaly detection is a proven approach to defending against the array of threats...
"There are still a lot of inexperienced people out there that are passing themselves off as experts," says Scott Laliberte, managing director of Protiviti, outlining the common challenges of penetration testing.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"I don't think there's any connection [to] the investments banks will make in fraud prevention," says Doug Johnson of the ABA. "It's not about making budget cuts; it's about protecting the customer relationship and ensuring security."
The long overdue update to the FFIEC Guidance on Authentication in an Internet Banking Environment is now officially in effect, setting a new standard for online banking security. Since its previous update in 2005, the online banking threat landscape has changed dramatically, creating a significant gap between the...
Tokenization is a rising data security model that is gaining traction with CISOs for reducing risk and complying with industry data security mandates and privacy laws in extended heterogeneous IT environments.
This presentation will introduce tokenization to IT and Security professionals using some practical,...
"The need for fraud-prevention tools increases during times of recession," says Aite Group's Julie McNelley, who does not believe this week's economic shockwaves will hurt organizations' security priorities.
ISACA's Marc Vael says differences in cloud computing environments and cloud providers can pose security risks. But well thought-out contracts and risk-management plans can fill potential security gaps and ensure business continuity during outages and disasters.