Regulators have hinted at it, and industry experts say it's coming. U.S. banking institutions can expect to see new guidance for mobile banking. The open questions are: When, and in what form?
With the surge in use of tablets, smart phones and other mobile devices, it's good to see some privacy and security best practice guidance is in the works.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
What steps can smaller organizations and their vendors take to ensure security and regulatory compliance? They must transcend what researcher Wendy Nather calls the 'Security Poverty Line.' See how.
President Obama uttered the term "cyber" only once in his 7,200-word State of the Union address Tuesday night, but that fleeting moment about an hour into the speech could prove significant.
"It's a crime like no other crime," says James Ratley, president of the ACFE, describing fraud. "There was not a gun involved, there was not a knife; there was in many cases a ballpoint pen or a computer."
Prosecutors have charged a former computer programmer at the Federal Reserve with stealing software used by the Department of Treasury to track federal collections and payments.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
To keep up with emerging technologies and strengthen focus on IT risk and compliance issues, ISACA has recently updated its Certified Information Security Manager exam. Read about the key changes.
You know your company's social media policy is a good one when it starts sounding less like a checklist and more like common sense, says Sherrie Madia, social media expert and author.
Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Cybersecurity Coordinator Howard Schmidt recognizes the need to battle online piracy to protect U.S. intellectual property but contends legislation before Congress to do just that would unacceptably curtail Internet freedom and increase cybersecurity risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.