CISOs increasingly are asked to manage both information security and risk. What new skills and tools do they need to juggle the dual role? David Sherry, CISO of Brown University, shares his views.
Top executives must be transparent with their stakeholders when their IT systems get attacked. Otherwise, their enterprises' reputations could be more severely damaged, says IBM Fellow Luba Cherbakov.
When it comes to fighting DDoS attacks, institutions must understand the threats against them, says Bill Wansley of Booz Allen Hamilton. Varying attack vectors require different modes of detection and prevention.
The hacktivist group Izz ad-Din al-Qassam launched a series of eight sophisticated DDoS attacks at leading U.S. banks. What lessons have been learned so far, and what additional steps can be taken?
Cybersecurity thought-leader Ira Winkler has been appointed new international president of the Information Systems Security Association. What are his goals to grow the organization and its influence?
Employment of IT security professionals in the United States is at an all-time high, our analysis of the latest U.S. government jobs data shows, but the growth in the profession isn't keeping pace with the demand for these skills in business and government.
Delaware state information security officers recently convened for a day of meetings and training to better prepare for incidents in their individual agencies, an event state CSO Elayne Starkey compares to fire drills.
Making an appearance twice a year just to ask for additional budget will not cut it. The CISO needs to make sure the board members know that he or she is a true enabler of the business.
Delaware Chief Security Officer Elayne Starkey leads hundreds of information security officers, many of whom have technical expertise in areas other than security. What can financial institutions learn from her new certification program that provides needed security know-how?
A denial of service attack may pose less immediate risk than a data breach - but it's trickier to respond to, says attorney Ronald Raether. What tips does he offer to organizations targeted by DDoS attacks?
A new PCI certification program aims to improve PCI awareness, but how is the program designed to differ from what's already out there? PCI Council General Manager Bob Russo explains.
Online attacks aimed at major U.S. banks have helped to heighten industry cooperation and information sharing. But experts say not all attacks are equal, and understanding the motivation behind the attack is key.
Banks struck by the wave of DDoS attacks are communicating badly and missing a great opportunity to educate their customers about cybersecurity, says Gregory Nowak of the Information Security Forum.
Delaware Chief Security Officer Elayne Starkey leads, but does not supervise, hundreds of information security officers, many of whom have technical expertise in areas other than security.
When it comes to mobile payments, consumers rely on banks and credit unions to be stewards of security. But how can institutions mitigate risk through a payments mechanism they don't solely own?