When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.
Software applications are the lifeblood of every organization, and today's #1 IT security threat is vulnerabilities in these applications. Complexity, interconnection and criticality of source code have resulted in a dangerous proliferation of vulnerabilities and risks.
Register for this session to learn:
Ohio is relatively new to enterprise information security, and according to David Shaw, the state's chief information security officer, there is still much to do to ensure that all the agencies' critical infrastructure is protected.
The rising trend of smartphone usage across the financial services industry is causing concern amongst IT departments struggling to manage policy, security and support. Such challenges can be trumped using effective mobile device management software. Good for Enterprise(TM) allows businesses to access and protect data...
The Fed's ruling on interchange, mandated by the Durbin amendment, offers financial incentives for fraud-prevention investments and could fuel a U.S. move toward new card-payment technologies, like EMV.
People's view of cybersecurity will need to broaden over the next few years, says IT expert Robert Brammer. That's why a consortium has been established to conduct research on the security of computer systems, as well as other areas where computerization has excelled.
The Fed's ruling on interchange cuts mandated by the Durbin Amendment will aid fraud prevention and could accelerate a move to chip-based payments, says Randy Vanderhoof, director of the Smart Card Alliance.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.