Since the summer of 2009, financial institutions and their corporate customers have been defrauded by increased incidents of account takeover. These incidents have pitted banks and customers against one another in court, and they were a key impetus behind the release of the new FFIEC Authentication Guidance. So, how...
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
The certificate authority system is flawed. It's like the Wild West, disjointed and unregulated, where no enforcement exists for standardized accountability.
An enterprise risk management (ERM) program is more than a collection of organizational functions. ERM integrates all risk efforts under one set of common definitions, process framework, and system solutions. Join a banking/security leader to hear how she developed and grew her institution's ERM program, including...
Healthcare organizations need to take five key steps to prepare for the upcoming HIPAA compliance audit program, says compliance specialist Bob Chaput.
Government Accountability Office auditors say a lack of prioritization has kept agencies from requiring the use of personal identification verification credentials to obtain access to federal computer systems.
The inability of the Department of Homeland Security to implement appropriate IT and application controls has placed at risk the confidentiality, integrity and availability of DHS's financial and operational data, according to an audit conducted for the department's inspector general.
Software applications are the lifeblood of every organization, and today's #1 IT security threat is vulnerabilities in these applications. Complexity, interconnection and criticality of source code have resulted in a dangerous proliferation of vulnerabilities and risks.
Register for this session to learn:
How...
Comptroller General Gene Dodaro uses the approaching 10th anniversary of the Sept. 11 terrorists attacks to assess the progress DHS made in implementing its security missions, including cybersecurity.
Layered security is one of the core tenets of the new FFIEC Authentication Guidance - and it's perhaps the most effective strategy for detecting and preventing banking fraud schemes. But what are some of today's most mature approaches to layered security, and how are banking institutions employing them to detect and...
Whether you're preparing for the upcoming HIPAA compliance audits, pondering a move to cloud computing or developing a social media policy, it pays to get privacy and security tips from experts in the field.
With the FFIEC Authentication Guidance update, regulators have raised the bar: Traditional security controls are insufficient. Banking institutions now must adopt a layered approach to securing high-risk online banking systems.
But how does one choose among all of the layered security options? And then, after...
For too long, banking institutions have paid only lip service to the need for developing information security awareness and education programs for their customers.
But now, as directed by the FFIEC Authentication Guidance, institutions as of January 2012 are expected to manage a robust awareness and education...
"If left unaddressed," GAO says, "these issues will continue to increase FDIC's risk that its sensitive and financial information will be subject to unauthorized disclosure, modification or destruction."
Rep. Mary Bono Mack, at left in photo, wants security provider McAfee to brief the House subcommittee she chairs on its report of cyberattacks waged against governments and global businesses for more than five years it labels Shady RAT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.