New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
Roger Baker, CIO at the VA, says desktop computers will eventually phase out, as mobile devices become predominant channels for communication and work. That evolution has made plans for ongoing mobile security a priority for organizations that cross every business sector.
These arrests also highlight the U.S. vulnerability to crimes involving payment cards with magnetic stripes. "The U.S. is a criminal's playground right now," says John Buzzard of FICO Card Alert Service.
President Obama issues an executive order to establish a task force aimed to prevent potentially damaging and embarrassing exposure of government secrets, 10 months after a quarter-million secret diplomatic cables were leaked.
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.
With the Swiss bank offering new details about the severity of its trading scandal, industry experts share insights on risk management and the failure of systems and staff to detect unauthorized trades.
From 2004 to 2010, Latesha Brown used her privileges to accept and submit forged birth certificates, pay stubs and other documents to obtain loans at several institutions. How did she go undetected for so long?
"You can't have someone arrested for violating your policies," says former Bear Stearns CISO Jennifer Bayuk. "The question is: What did he do, and was there a policy that would have prevented the activity?"
Are executives spending too much time and energy focused on external hacks, sacrificing attention they should be paying to internal threats? It's good that business leaders understand insiders pose risks, but are they taking those risks as seriously as they should?
"If [employees] aren't being treated right and they don't think leaders at the bank are running the bank correctly, they can rationalize committing fraud," says banking/security expert George Tubin on the risk of insider crimes.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.