Government Accountability Office auditors have identified weaknesses in information security controls at the Securities and Exchange Commission that jeopardize the confidentiality and integrity of the SEC's financial information.
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
Performing a job effectively most of the time doesn't cut it in IT security, as the Internal Revenue Service is being reminded by Treasury Department auditors.
The failure to implement proper security controls exposes Internal Revenue Services financial and tax-processing systems to potential insider threat, putting taxpayer information at risk, a Government Accountability Office audit says.
The FDIC has issued revised guidance describing potential risks associated with relationships to third-party payment processors. What are regulators' new risk-management expectations of banks?
As we close out one year and begin another, we look back at IT security lessons that emerged over the past 12 months. Here are five that should resonate in the coming year.
Veterans Affairs may have been biased when it awarded last year a high-bid, $133 million IT security services contract to the incumbent provider, the consultancy Booz Allen Hamilton, a VA inspector general audit contends.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
None of the agencies surveyed by GAO could precisely enumerate the number of IT security personnel they employed. In fact, estimates within agencies varied widely, based on who was reporting and analyzing employment data.
Congress reacts to an April inspector general report, which revealed that 36 percent of interviewed FBI field agents assigned to cyber investigations admit they lacked the expertise to investigate cyberintrusions.
Because of increasingly constrained resources, DOT's Office of Chief Information Officer is unlikely to fix within a year some of the security shortfalls detailed in the inspector general's report, CIO Nitin Pradhan says.
Want more money to spend on your enterprise's information security programs? Deloitte's Mike Brown and Amry Junaideen say IT security managers must show their non-IT bosses how the lack of IT security would adversely affect their operations.
The Department of Energy's inspector general identifies flaws in the areas of access controls, vulnerability management, web application integrity, contingency planning, change control management and cybersecurity training.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.