Many business leaders lack a clear understanding of the value of identity and access management. CISO Christopher Paidhrin offers a scenario for how to make the case for an IAM investment.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
As patent trolls continue to target companies with patent infringement lawsuits, bipartisan Congressional support is building to protect financial institutions, says NAFCU's Brad Thaler.
Version 3.0 of the PCI Data Security Standard goes into effect Jan. 1, 2014. What steps should organizations be taking to prepare for implementation of the standard? Troy Leach and Bob Russo of the PCI Security Standards Council explain.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
President Obama defends the National Security Agency's bulk-collection initiative, but suggests he may adopt some of the recommendations presented by a panel that proposes changes in the NSA's surveillance program.
The final version of the FFIEC's guidance on social media use clarifies how banks should assess consumer and third-party risks. But suggested controls for employee risks are still missing.
To encourage information sharing about cyberthreats, banking institutions need to be protected from liability through the enactment of new federal legislation, says Paul Smocer, president of BITS.
Receiving a notification letter about a data breach brings home the reality of just how common these incidents are - and how much prevention work, including encryption, still needs to be done.
The partial takedown of ZeroAccess, one of the world's largest botnets, is an example of the role that collaboration between business and law enforcement can play in battling cybercrime.
Chase says hackers compromised servers for the bank's UCard Center website for prepaid card accountholders, potentially exposing card numbers. The bank is not reissuing cards, but it's offering free credit monitoring.
Can the two most feared nations in cyberspace finally come to an agreement to stop hacking each other and stealing confidential data? Here's one peace-making approach worthy of consideration.
ATM skimming attacks, and subsequent fraud losses, are increasing, even in European markets where EMV chip cards are the standard. Learn why some experts predict a continued surge in skimming in the months to come.
Wayne Dunn, CTO of HarborOne Bank in New England, says improving vendor management is a top security priority for institutions in 2014. As more core banking functions are outsourced, due diligence becomes increasingly critical.
Attempts to shame China haven't been effective in stopping that country from pilfering intellectual property from the computers of American companies, according to a new report to Congress from a special commission.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.