Weeks, months or even years often go by before organizations discover they've been hacked, not learning of the attack until law-enforcement authorities inform them, says recently retired FBI Executive Assistant Director Shawn Henry.
When it comes to the FFIEC Authentication Guidance, Aite analyst Shirley Inscoe fears too many banking institutions are investing only in achieving compliance - not ongoing security.
Eighty-five percent of data breaches go undetected, but organizations have a new type of cop on the beat to ferret out these illicit activities - the data scientist, says Phil Neray, head of security intelligence strategy and marketing for Q1 Labs, an IBM company.
Rep. Dan Lungren introduced an amendment to his onetime bipartisan cybersecurity bill that won only the backing of fellow Republicans with Democratic members of the House Homeland Security Committee objecting to the changes.
How will Diane Ness and BITS help banks reduce fraud? As the new head of fraud-reduction programs for the technology division of the Financial Services Roundtable, Ness says education and communication about emerging threats will be a priority.
Cloud computing for governments in the United States, especially services tailored for the federal government, may not be as efficient or as cheap as many would hope, says Richard Falkenrath, a principal with the security consultancy The Chertoff Group.
Until these deficiencies are fully addressed, a GAO audit reveals, increased risk exists to unauthorized access to sensitive data and programs and disruption of critical operations on managing the federal debt.
Government Accountability Office auditors have identified weaknesses in information security controls at the Securities and Exchange Commission that jeopardize the confidentiality and integrity of the SEC's financial information.
Securing the massive amounts of data swamping organizations, a trend known as big data, can be addressed, in part, by organizations simply getting rid of data no longer needed, Grant Thornton's Danny Miller says.
Is there an ideal message a senior executive can deliver amidst breach response? The recent breach of Global Payments Inc. and the subsequent CEO's response to the incident raise this question.
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
Ignorance is not bliss. Two new studies, when viewed together, show that consumers' ignorance of the consequences of their actions coupled with enterprises' unawareness of their computing environment equal unacceptable risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.