How will Diane Ness and BITS help banks reduce fraud? As the new head of fraud-reduction programs for the technology division of the Financial Services Roundtable, Ness says education and communication about emerging threats will be a priority.
Securing the massive amounts of data swamping organizations, a trend known as big data, can be addressed, in part, by organizations simply getting rid of data no longer needed, Grant Thornton's Danny Miller says.
Is there an ideal message a senior executive can deliver amidst breach response? The recent breach of Global Payments Inc. and the subsequent CEO's response to the incident raise this question.
Ignorance is not bliss. Two new studies, when viewed together, show that consumers' ignorance of the consequences of their actions coupled with enterprises' unawareness of their computing environment equal unacceptable risk.
As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.
Today's threat landscape is challenging enough. But what happens when organized crime adopts the techniques developed by hacktivists? Learn more about the top 10 threats to security by 2014.
Increasingly, social engineers target unwitting insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? CMU's Dawn Cappelli offers tips.
Components manufactured overseas that go into IT products used by the U.S. government could be exploited by foreign intelligence agents to degrade the security of critical federal government networks and data, the GAO reports.
As one team of researchers analyzes a new version of Duqu, a worm related to the Stuxnet Trojan blamed for disabling Iranian centrifuges used to enrich uranium, other researchers zero in on who is behind the worm discovered last fall.
"Getting that top level support is the first step to making everything else happen," says Ron Ross, senior fellow at the National Institute of Standards and Technology.
Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.
Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.
One important reason why encryption is not more broadly used in healthcare is that many organizations lack an updated risk assessment, says attorney Amy Leopard.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
