Organizations in all sectors should take steps now to avoid security and operational risks associated with Microsoft's plans to discontinue support of the Windows XP operating system next year, security experts say.
Knowledge-based authentication is no longer reliable, says fraud expert Avivah Litan, an analyst at Gartner. She explains why so-called behavioral authentication is the only reliable way to verify users.
Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Two states are testing new technologies that, if successful, should make it easier for citizens to securely access government services online with the side benefit of mitigating fraud and identity theft.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
How much of a free hand should units within an enterprise have in deciding social media policy? DHS's inspector general and acting chief privacy officer don't always see eye to eye on how the department should govern social media use.
Phishing attempts against bank employees are on the rise. How can institutions improve their defenses? Daniel Ingevaldson of Easy Solutions offers insights on how to combat advanced phishing techniques.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.