On June 28, the FFIEC released its final, formal version of its Authentication Guidance. Not even one month later, we've created three new training programs to help banking institutions understand and conform with the guidance.
"The action and manifestation of risk is not necessarily evident to today's users in the way it was in the past, and that creates a big inherent challenge for a CISO," says Malcolm Harkins, CISO at Intel Corp.
There was good news and bad news in the reporting of major health information breaches in the past month. The good news: Only four incidents were added to the official federal tally. The bad news: One of those incidents affected 400,000 individuals.
The Privacy and Security Tiger Team is spelling out best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when downloading them from a hospital or a clinic.
Though America remains dominant on land, sea and air, technical and economic barriers to gain entry in cyberspace are much lower for adversaries, and as a result, place the United States' networks at great risk, GAO says.
Dickie George of the National Security Agency has one word to describe the state of information security education today: "Spotty." And this state must improve if we hope to fill all the growing demand for security pros.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
From the exposure of thousands of Citi cardholders to the Michaels debit breach, fraud continues to impact card issuers. Involving the consumer in prevention is a step financial institutions must take, says Javelin's Phil Blank.
You know the tune: Cyber thieves pirated the town's banking credentials, arranged some bogus "payroll transactions" with the town's bank and then next thing you know ... money mules are transferring funds to the Ukraine.