People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
What steps can smaller organizations and their vendors take to ensure security and regulatory compliance? They must transcend what researcher Wendy Nather calls the 'Security Poverty Line.' See how.
"It's a crime like no other crime," says James Ratley, president of the ACFE, describing fraud. "There was not a gun involved, there was not a knife; there was in many cases a ballpoint pen or a computer."
Prosecutors have charged a former computer programmer at the Federal Reserve with stealing software used by the Department of Treasury to track federal collections and payments.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
To keep up with emerging technologies and strengthen focus on IT risk and compliance issues, ISACA has recently updated its Certified Information Security Manager exam. Read about the key changes.
You know your company's social media policy is a good one when it starts sounding less like a checklist and more like common sense, says Sherrie Madia, social media expert and author.
U.S. banking institutions could learn a great deal about incident response from how one Singapore bank recently responded to a data breach with customer alerts, and even an apology from the CEO.
With hundreds of schools hosting online information assurance and IT security degree and certification programs, how do students smartly pick the right ones for them?
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Criminal background checks for prospective employees - smart move, or discriminatory practice? Attorney Lester Rosen answers this question and details 2012's top 10 trends in background checks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.