Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
ISACA just issued COBIT 5 for Information Security, a business-centric approach to governance and IT management. ISACA's Robert Stroud explains what COBIT 5 means to your organization.
"If I came into this job thinking the way I once thought, I'd be worthless," RSA Chief Information Security Officer Eddie Schwartz says. "If your playbook as CISO has not changed in the last seven years ... you're in deep trouble."
Removing provisions from the original bill to grant the federal government authority to impose standards on the mostly privately-owned critical IT infrastructure is a concession to win votes from Republicans, who oppose regulation.
Medical identification theft is on the rise. Will healthcare reform, as recently affirmed by the Supreme Court, help reverse that trend? Here's why it's difficult to predict the impact of reform.
How well do U.S. financial institutions conform to the FFIEC Authentication Guidance? One regulatory agency discusses the state of conformance and what its examiners have learned from institutions.
A successful organization in today's business world has most likely cultivated a "brand." Have you ever thought about creating your own brand to enhance your career?
"The reality is that, if you look across IT, IT people are very good at so many things; they're much better at it in a lot of cases than security people are," RSA CISO Eddie Schwartz says.
IT security expert Francoise Gilbert says the FFIEC's new resource document on cloud computing understates the risks all banking institutions should consider. What areas is she most concerned about?
Federal regulators have received a wide array of comments on preliminary plans for federal guidelines for health information exchange, with some advocating mandatory, rather than voluntary, standards.
Eight class action lawsuits filed in the wake of a 2011 data breach involving TRICARE, the military health program, and affecting nearly 5 million individuals have been consolidated into one case that will be handled by the U.S. District Court in Washington, D.C.
BITS is ramping up its work with federal regulators around pending legislation. What initiatives is the group spearheading, and how can banking institutions play an integral role in the process?
In a tribute, we remember Terrell Herzig, information security officer at UAB Health System, an innovator who was passionate about sharing best practices for protecting sensitive information.
Information security isn't just the domain of those branded information security professionals but also requires the knowledge of nearly every other IT occupation as well as individuals in many non-technology jobs, too.
The HIPAA audit protocol just released by the Office for Civil Rights is a basic guide that some observers think would be more helpful with meaty guidance. Read what they want to see addressed.