Creating circles of trust - networks of IT security professionals who rely on one another - is a key element in forthcoming National Institute of Standards and Technology guidance on incident response.
To address the insider threat, Jeremy Walczak of Independent Health is using a privileged identity management system. Walczak and other experts offer detailed insights on mitigating emerging threats.
An emerging concept known as accelerated breach response aims to improve how organizations react to such incidents. What are the hallmarks of the new approach? Attorney Ellen Giblin offers insights.
The FFIEC's 2012 guidelines for cloud providers highlight due diligence, and institutions that don't adequately screen vendors face trouble. Troy Wunderlich of Washington Trust Bank offers tips.
Because big data brings significant benefits - and risks - CEOs and boards of directors must take charge of developing privacy protection policies, ISACA International Vice President Jeff Spivey says.
Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
Three U.S. banks have been targeted by new DDoS attacks that apparently had little impact. As bank defenses improve, some experts say the attackers may shift targets to other industries affecting critical infrastructure.
As organizations use social media to grow their online presence, questions of ownership become an increasing concern, says Alan Brill of Kroll, who advises organizations on how to mitigate risks.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
How relevant is customer education? Readers weigh in with thoughtful responses to two recent guest blogs that tackle the question from two perspectives: the education proponent and the critic.
At $1.5 million, it's one of the largest account takeover incidents on record. Attorneys review the Efficient Services Escrow case and ask who will be held responsible - the customer or the bank?
The old saw of a blind squirrel fortuitously finding an acorn reminds the Atlantic Council's Jason Healey of cyber-assailants from third-rate cyber-power Iran, believed to be behind DDoS attacks on U.S. banks.
Breaches are expensive, embarrassing and entice additional scrutiny from regulators and consumers alike. By taking eight key steps, you can protect private information and lessen the impact of breaches when they occur.
Moscow-based cyber-intelligence firm Group-IB is working with INTERPOL to monitor and track online criminals. The purpose: to take down botnets throughout the world.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.