The three most common findings during an IT security examination are vendor management issues, a need for improved wire transfer controls, and necessary updates to risk assessments, says Phillip Hinkle, Chief IT Security Examiner for the Texas Department of Banking.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
An unencrypted laptop computer that's missing from the United Kingdom's National Health Service North Central London health authority contained information on 8.63 million people, according to a report on The Sun newspaper's website.
"Overall, this draft is not balanced," Rep. Henry Waxman, D-Calif., said at a hearing on the measure "It gives businesses too many protections and consumers not enough. It preempts strong state laws and replaces them with a weak federal one."
Adam Greene, the primary author of the proposed accounting of disclosures rule mandated under the HITECH Act, says healthcare organizations preparing to comply should make sure their audit logs are functioning well.
Senate Sergeant at Arms confirms the attack occurred over the weekend and has ordered a review of all Senate computer sites. Hackers' cryptic message suggests they don't like military's intent to use force to combat cyberattacks.
Who's behind the International Monetary Fund breach? Some observers suggest the attack could have been waged by a government to access confidential information about the financial stability of certain global markets.
The growth of the Advanced Persistent Threat has led to breaches in the Department of Defense, particularly in software penetration, enabling hackers to get into government systems and applications.
Fortify's podcast on NDAA and APT, presented by Public Sector President Kelly Collins and Federal Division CTO Rob Roy,...
White House sees the elimination of half of the federal government's 2,000 top-level .gov domains over the next year. OMB deems many sites as redundant, outdated and hard to use with poorly maintained content.
FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.
CEO Jack Tretton didn't minimize the breach, grouping Sony with others that have been hacked in recent weeks. "If you read the newspapers, you realize that there are companies being bombarded with people trying to hack them all the time."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
Details surrounding the reported breach of the International Monetary Fund remain sketchy, but alarming. And Gartner analyst Avivah Litan believes there may be "dozens" of similar incidents that have not been disclosed.