ISACA's Marc Vael says differences in cloud computing environments and cloud providers can pose security risks. But well thought-out contracts and risk-management plans can fill potential security gaps and ensure business continuity during outages and disasters.
Because information security threats know no borders, the European Network and Information Security Agency is working hard to ensure the solutions span nations, too, says Prof. Udo Helmbrecht, ENISA's executive director.
Performing digital forensics in the cloud isn't necessarily a new discipline, says Rob Lee of SANS Institute. But the task definitely requires a whole new mindset and some new skills from investigators.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
Emerging technology is often touted for enhancing security. But if not properly deployed and integrated, these technologies can hinder rather than improve security.
People's view of cybersecurity will need to broaden over the next few years, says IT expert Robert Brammer. That's why a consortium has been established to conduct research on the security of computer systems, as well as other areas where computerization has excelled.
The new virtualization guidance issued by the PCI Security Standards Council urges organizations to take a risk-based approach when dealing with virtualization methods, especially within cardholder data environments.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
The FDIC's Donald Saxinger says vendor management programs are getting more scrutiny from regulators, especially in areas of emerging technology, such as cloud computing and mobile banking.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
New guidance from the PCI Security Standards Council about the risks associated with virtualized systems aims to help merchants proactively evaluate security before they leap into new deployments.
The PCI Security Standards Council's new guidance on virtualization in the payments space aims to provide best practices for securing the payments chain's virtual platforms and appliances.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
