Advice from the report, Bring Your Own Device: A Toolkit to Support Federal Agencies Implementing BYOD Programs, is applicable to all types of public and private organizations.
Preparing for an exam to assess FFIEC Authentication Guidance conformance can be daunting. But according to one bank's experience, it doesn't have to be. What words of advice does this institution share?
By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.
More than a year after issuance of the FFIEC Authentication Guidance, many smaller banking institutions still struggle to conform. How are service providers such as Q2ebanking stepping in to assist?
Information sharing has been trending upward, according to data from the monthly cybersecurity index. And while it's not surprising, it is "gratifying," says index co-publisher Dan Geer.
COBIT 5 for Information Security comes at a time when the IT threat landscape is changing drastically. ISACA's Robert Stroud explains how organizations can use the framework to mitigate the risks.
Understanding threats and identifying modern attacks in their early stages is key to preventing subsequent compromises, and proactively sharing information among organizations is an increasingly effective way to identify them.
The benefits from employing social media as a way to connect with stakeholders outweigh the risks, says David Bradford, the editor of a new survey of risk managers. Still, he says, the risks must be adequately addressed.
"We find it hard to believe that there are any reasons or basis to oppose this legislation," presidential counterterrorism adviser John Brennan says of the Cybersecurity Act of 2012. "I'm just very puzzled as to why individuals would oppose this."
High Roller malware attacks are the latest potential threats that point toward the need for layered security controls. What advice do banking/security leaders offer for responding to these attacks?
Banking institutions are focusing on risk assessments. But what other steps are they taking to conform to the FFIEC Authentication Guidance? The ABA's Doug Johnson shares what he hears from banks.
Security personnel should be required to prove not only that they know how to do things right, but also that they know how to do the right thing. They must demonstrate commitment to ethical behavior.
Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
The National Institute of Standards and Technology says intrusion detection and prevention software has become a necessary addition to the IT security infrastructure of many organizations.
The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.