The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?
Eurograbber got banks' attention after compromising out-of-band authentication in Europe. But researchers say it's the knowledge of the hackers behind the attack, not the Trojan, that's most concerning.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
New malware attacks are targeting smart phones, and experts say banking institutions aren't doing enough to detect and prevent those attacks. So where should institutions focus their tech investments in 2013?
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Accelerated interest in mobile payments is paving the way for new revenue streams. But Javelin's Alphonse Pascual says mobile security products, not payments technology, will reap the most rewards for banks.