Gigi Hyland of the NCUA says the latest draft of online authentication guidance is awaiting final signoff from just one FFIEC member agency. And Verizon's new data breach report finds that compromised records resulting from data breaches dropped dramatically in 2010, but the number of breaches continues to grow.
This week's top news and views: New legislation aims to get more support for cybersecurity initiatives, flaws found in air traffic control system and Verizon's 2011 data breach report. Don't miss our audio week-in-review podcast by Executive Editor Eric Chabrow
North American Clearinghouse Association, not the government, led the effort to move Food Stamps to e-payments. That's what the government wants to do with the National Strategy for Trusted Identities in Cyberspace initiative, the fed's NSTIC point man says.
"Without improvements, the weaknesses identified may limit program and site-level officials' ability to make informed risk-based decisions that support the protection of classified information and the systems on which it resides," says Rickey R. Hass, deputy inspector general for audits and inspections.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
About the same percentage of respondents cite China as a major source of concern for cyberattack as they did a year ago, a McAfee study reveals. What changed? Concern about the U.S. has declined, says study author Stewart Baker.
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
Physicians who use social media to discuss their work, even without naming patients, risk privacy violations, a recent case in Rhode Island clearly illustrates. The case is an eye-opener for all clinicians about social networking risks.
Healthcare organizations should provide their staffs with training on how to guard against identity theft regardless of whether they must comply with the federal Red Flags Rule, says fraud prevention expert Jeremy Miller.
The latest Verizon Data Breach Investigations Report is out, and the good news is: The number of compromised records is down. The troubling news is: The number of breaches is up. Bryan Sartin, one of the report authors, explains why.