National Security Agency Director Keith Alexander declined to say that the agency would stop using contractors in top secret IT positions to prevent a leak such as the one that exposed NSA programs to collect metadata on American citizens.
Financial fraud expert Joe Rogalski explains why card issuers are ultimately responsible for losses linked to ATM cash-out schemes, like the $45 million worldwide cyberheist that made headlines last month.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
From a risk-management perspective, Bloomberg didn't consider its reputation when it allowed its reporters to track the log activity of Bloomberg Terminal customers.
A key difference between state-sponsored espionage and organized criminals or hacktivists is the level of persistence and determination to break through defenses. Here's advice from security experts on defending against nation-state attacks.
Does legislation designed to get businesses and governments to share cyberthreat information provide adequate civil liberties protections? Find out what's at the heart of the debate.
Bank of America confirms hacktivists' reports about a breach of a third-party service provider working with the bank to analyze public data. How did the breach occur, and what information was exposed?
The National Credit Union Administration is the second federal regulator to issue a warning about fraud risks linked to DDoS. One legal expert says banking institutions must heed the warning.
Federal regulators have issued draft guidance for the use of social media. What are the specific security risks? The FDIC's Elizabeth Khalil discusses how banking institutions can address emerging threats.
Outsourcing to the cloud poses new risks, especially for card data. The PCI Council addresses those risks in its just-released cloud security guidance, and Bob Russo offers exclusive insights.
As a growing number of enterprises turn to cloud computing, the government could reclassify the cloud as a critical infrastructure, putting it on par with electrical grids, public-health networks and banking systems. Will regulations follow?
U.S. banks are improving efforts to thwart distributed-denial-of-service attacks. But they're struggling to find the balance between informing customers and giving attackers too much publicity.
CISOs' top three priorities for 2013 are emerging threats, technology trends and filling security gaps, says RSA CISO Eddie Schwartz. But what new strategies should leaders employ to tackle these challenges?
A growing concern for enterprises is ensuring the integrity of the computer products they buy. What steps need to be taken to vet a product's reliability? Gartner Fellow Neil MacDonald explains.
The initiative known as VET seeks innovative, large-scale approaches to verify the security and functionality of commodity IT devices purchased by DoD to ensure they're free of hidden backdoors and malicious functions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.