2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
Spring is the season for the phishers to come and try to take advantage of to the unsuspecting public in the form of official-looking emails talking of tax refunds, as well as claims that the government has money waiting for them.
It's all anyone wants to talk about.
In the wake of Washington Mutual's historic failure last week and the Wachovia takeover today, all anyone wants to discuss is the enormity of these events what they mean to the banking industry.
I was presenting at a credit union conference this week, where the session before mine covered current economic conditions. The timing was perfect in a macabre sort of way, as the 24 hours prior were filled with news about the Merrill Lynch rescue and Lehman Brothers collapse. As part of the Q&A phase, a prediction...