The massive initiative to deploy continuous monitoring at U.S. federal government agencies will be done in phases, with the initial rollout occurring over three years, the Department of Homeland Security's John Streufert says.
As the federal government ramps up deployment of continuous monitoring, agencies should significantly reduce the time to certify and accredit IT systems and detect vulnerabilities, says the Defense Department's Robert Carey.
Many banking institutions have done a poor job of addressing call-center fraud, says IDC analyst Jerry Silva, who offers tips on addressing the challenge of balancing customer service with security.
Gartner analyst Avivah Litan says fraudsters are using DDoS attacks as a distraction for a new, extremely effective account takeover scheme. How should institutions respond to this emerging threat?
Because big data brings significant benefits - and risks - CEOs and boards of directors must take charge of developing privacy protection policies, ISACA International Vice President Jeff Spivey says.
Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of General Dynamics Fidelis Cybersecurity Solutions. He offers tips for harnessing the right skills and technology.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
As new state health insurance exchanges gear up for open enrollment Oct. 1, privacy expert Chris Rasmussen asks whether regulators will miss the deadline for a risk analysis of a key data services hub.
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
The old saw of a blind squirrel fortuitously finding an acorn reminds the Atlantic Council's Jason Healey of cyber-assailants from third-rate cyber-power Iran, believed to be behind DDoS attacks on U.S. banks.
It's time to start thinking about the next wave of DDoS attacks, says Neustar's Rodney Joffe. And it's time for other critical infrastructure industries - not just banks - to assess their risks.
Organizations won't effectively share cyberthreat intelligence until they have more efficient ways of gathering and prioritizing data, says EMC's Kathleen Moriarty, author of a new report about information sharing weaknesses....
Though others deemed Bruce McConnell as one of the government's most innovative security thought-leaders, he says his vision of how best to secure IT evolved during his just-ended 4-year tenure at DHS as a senior cybersecurity policymaker.
Because mobile payments are so new, banking institutions worldwide are still trying to understand which threats to address first, says payments fraud expert Neira Jones.
It's an increasingly common question from CEOs. "How is our security program protecting the business?" Pamela Gupta of OutSecure shares insight on what CISOs should demonstrate when they answer that question.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.