"Organizations have to be able to develop their security plans that really talk to their specific mission," National Institute of Standards and Technology's Ron Ross says. "The overlay concept is introduced to allow that specialization."
Providers of technologies employees acquire through unconventional channels that could bypass their employers' supply-chain controls are known as "shadow suppliers." Here's why you should care about them.
As a result of a major breach of the state's tax system, South Carolina is considering creating a federated model of IT security governance. The plan would create a central organization to determine policies, with individual agencies implementing them.
In the aftermath of an international $45 million cyberheist and ATM cash-out scheme, experts say pinpointing the source of such a massive breach can be difficult. Why?
Malware attacks against retailers are becoming more common. Many breaches linked to these attacks could be prevented, experts say, if merchants took more steps to lock down networks and point-of-sale devices.
From a risk-management perspective, Bloomberg didn't consider its reputation when it allowed its reporters to track the log activity of Bloomberg Terminal customers.
Why are ATM cash-out schemes expected to increase - especially in the U.S.? John Buzzard of FICO's Card Alert Service offers insights, based on federal investigators' most recent global fraud bust.
CERT Technical Manager Dawn Cappelli tells a tale of how three individuals, who unexpectedly quit their jobs at a law firm, used a free cloud service to sabotage files containing proprietary client information from their former employer.
A key difference between state-sponsored espionage and organized criminals or hacktivists is the level of persistence and determination to break through defenses. Here's advice from security experts on defending against nation-state attacks.
The biggest lesson banking institutions can learn from this week's reported $45 million global cyberheist: Old attacks always return. Learn why thwarting these coordinated fraud schemes is challenging.
Cash-out scams are old news. But the size and sophistication of the latest $45 million global fraud scheme that struck banks add up to a troubling trend, says former federal prosecutor Kim Peretti.
Former OMB leaders Karen Evans and Franklin Reeder are trying to determine how to improve evaluation of information security within U.S. federal government agencies in an effort to correct current flaws.
Payment data and personal information are both attractive targets for criminals, says breach investigator Erin Nealy Cox of forensics firm Stroz Friedberg. Learn why she says card data isn't the only lucrative target.
In light of evolving fraud threats, financial institutions increasingly are turning to two-factor authentication solutions. Alex Doll, CEO of OneID, offers advice to help institutions make the right choices.
Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.