COBIT 5 for Information Security comes at a time when the IT threat landscape is changing drastically. ISACA's Robert Stroud explains how organizations can use the framework to mitigate the risks.
Understanding threats and identifying modern attacks in their early stages is key to preventing subsequent compromises, and proactively sharing information among organizations is an increasingly effective way to identify them.
More organizations are expected to purchase cyber insurance in the coming years as risk managers become more involved in buying these types of policies.
The United Kingdom and the United States are both cracking down on healthcare organizations that have experienced information breaches. But they're taking very different approaches. Which approach will prove most effective?
The benefits from employing social media as a way to connect with stakeholders outweigh the risks, says David Bradford, the editor of a new survey of risk managers. Still, he says, the risks must be adequately addressed.
High Roller malware attacks are the latest potential threats that point toward the need for layered security controls. What advice do banking/security leaders offer for responding to these attacks?
Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
The National Institute of Standards and Technology says intrusion detection and prevention software has become a necessary addition to the IT security infrastructure of many organizations.
The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.
What exactly is continuous monitoring - and why is it so hard for organizations to get it right?
It is one of the most discussed and least understood concepts in enterprise risk management today. Fundamentally, continuous monitoring is about deploying systems to examine all of the transactions and data processed...
The smart grid is unlike any other type of critical information infrastructure, and its complexity creates a heightened challenge to secure it, says ENISA's Konstantinos Moulinos.
Don't be too quick to write off the PATCO court ruling as a victory for banking customers in the debate over ACH/wire fraud liability. The reversal could actually be a win for banks.
Learning how alleged fraudsters hacked systems and traded in stolen credit- and debit-card numbers can help organizations take steps to protect their customers' and stakeholders' sensitive information.
A new malware intelligence system created by Georgia Tech Research Institute aims to create an information sharing center. How will the system work and how can organizations participate? GTRI's Chris Smoak furnishes the answers.
With the increasing amount of data being collected by organizations, the role of the data scientist has emerged to aid in analysis. What's unique about the role and what job functions does it entail?