"If not properly implemented, telework may introduce new information security vulnerabilities into agency systems and networks," Office and Management and Budget Director Jacob Lew warns in a White House memo.
Since becoming Vermont's first CISO three years ago, Kris Rowley's been on a quest to create an IT security culture in state government. Rowley's latest initiative, bringing risk assessment in-house, is helping build that culture.
The new FFIEC online authentication guidance update is a good "cookbook" for financial institutions to apply layered security, says Avivah Litan of Gartner.
The FFIEC's updated online authentication guidance urges banks and credit unions to do better jobs of authenticating and identifying devices, areas that aren't bolstering the kind of security they could, says security expert Ori Eisen.
Now that the FFIEC Authentication Guidance update has been issued, there is no more important task for banking institutions than to conduct their risk assessments, says Matthew Speare of M&T Bank Corp.
Doug Johnson of the American Bankers Association says banking institutions should spend the next five months focusing on their risk assessments, as they work to meet the FFIEC's new authentication guidance update.
The threat of a HIPAA compliance audit could prove to be a powerful incentive for healthcare organizations to take adequate precautions to safeguard patient information.
Disciplining IT and IT security managers following a breach of their systems rarely happens, and perhaps there's a good reason they shouldn't be punished.
Federal regulators won't speculate about how many more financial institutions could be shuttered in 2011, but the number isn't expected to exceed 2010, the most recent "peak" year for failures.
The Obama Administration's cybersecurity proposal for breach notification will require collaboration among differing financial-services providers, within and across borders, says Leigh Williams of BITS.
In one of the largest health information breaches reported so far this year, Spartanburg Regional Healthcare System in South Carolina has notified 400,000 of an incident involving the theft of a desktop computer from an employee's car.
Now that the FFIEC's updated online authentication guidance is out, banking institutions need to move forward in preparation for 2012 compliance, says Julie McNelley, banking fraud analyst for Aite Group.
Keeping data secure is the greatest challenge during any merger or acquisition, and the first critical step is figuring out which confidential information could be at risk of exposure.
The Department of Veterans Affairs soon will enable clinicians to use more mobile devices to view patient information, taking several steps to help ensure security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
