How to Identify Meaningful Alerts from the Security Noise
The Latest News
-
OCC: Third-Party Cyber-Risks Growing
Director Offers Review of New Cyber-Resiliency Guidance
Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks. Read more...
-
Article
Could Costs Impede Info-Sharing Plan?
Scrutinizing Obama's Cyberthreat Information Sharing Strategy By Eric Chabrow
Small and mid-size businesses might not be able to afford participating in voluntary programs to share and receive cyberthreat information, as President Obama has proposed, industry representatives tell Congress.
-
Article
Apple, Android Prep 'Freak' Fix
Exploiting Crypto Flaw Breaks HTTPS on Devices, Sites By Mathew J. Schwartz
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
-
Article
Reversal of Fortune: DHS Funding OK'd
Boehner Persuades Enough GOP Lawmakers to Back Measure By Eric Chabrow
Congress has voted to fund the Department of Homeland Security through September, the end of the fiscal year, averting another threatened shutdown that would have curtailed some cybersecurity programs.
-
Article
Anthem Attribution to China: Useful?
Report Links Breach to Chinese Professor; Experts Respond By Mathew J. Schwartz
A new report details new clues suggesting that the massive data breach involving health insurer Anthem was launched by Chinese hackers. But will such evidence help businesses blunt future APT attacks?
-
Article
Cool Reception for Obama's Privacy Plan
Businesses Would Help Define Consumer Privacy Bill of Rights By Eric Chabrow
The Obama administration's discussion draft for a Consumer Privacy Bill of Rights law has some of the president's usual supporters saying they're disappointed in his proposal. Find out why.
Featured Interviews
-
Why Hide Cyber Skirmishes With Iran?
Audio Blog: Need for Transparency to Build Better Defense
Were DDoS attacks against major American banks in 2012 waged in retribution for U.S. government actions? A recently leaked top-secret memo prepared in 2013 for Keith Alexander, who was then NSA...
-
Understanding the Hacker Mindset
Learning About Motives, Tactics Key to Mitigating Risks
Learning more about potential attackers and their preferred information targets is one of the best ways organizations can mitigate their cyber-attack risks, says Bank of the West's David Pollino, a...
Webinars
-
'Black Friday' Cybersecurity Challenges for the Banking & Merchant Community
A number of high-profile retailers experienced breaches during the 2013 holiday season, which led to unprecedented repercussions such as brand damage, increased audit scrutiny and loss of market...
-
Advances in Application Security: Run-time Application Self Protection
Enterprise information security encompasses a broad set of disciplines and technologies, but at the highest level they can be broken down into three main categories: network security, endpoint...
White Papers
-
NSS Labs - A Web Application Firewall Product Analysis
Read this 18 page in-depth NSS Labs report on the FortiWeb-1000D which achieved an overall block rate of 99.85% at $3 TCO per protected Connection Per Second (CPS) placing it in the "Recommended"...
-
Threat Brief: A Detailed Analysis of Targeted Email Attacks
It is well documented in high profile data breaches, industry reports and analyst briefs that today's sophisticated attacks often begin with email and end in exfiltration of sensitive data. What are...
ARTICLE
FFIEC Issues Cyber-Resilience Guidance
New business continuity guidelines from the Federal Financial Institutions Examination Council...
Latest Tweets and Mentions
ARTICLE
FFIEC Issues Cyber-Resilience Guidance
New business continuity guidelines from the Federal Financial Institutions Examination Council...
The ISMG Network
-
-
ArticleAnthem Refuses Full IT Security Audit
Watchdog Agency Says Insurer Won't Allow Vulnerability Scans
-
-
ArticleDumped Records Case Illustrates BA Risk
Incident Shows Why Business Associates Are a Big Worry
-
ArticleEbola Nurse Sues for Privacy Invasion
Lawsuit: 'Highly Personal' Information Inappropriately Released
-
ArticleGAO Sees FAA Air Traffic System at Risk
Lawmakers Want FAA to Explain How It Will Fix Problems
-
InterviewConsolidating IT as a Security Measure
Minnesota CISO Chris Buse Describes State's Strategy
-
-
InterviewPanel Addresses Union Budget, Security
Security Leaders Offer Expectations for Government Investment
-
Solutions
From Our Sponsors
Featured Jobs
-
Advanced Risk and Compliance Analytics - Senior Associate
Pwc - London, Greater London
-
Sr Manager, Information Security Officer
Walt Disney - Glendale, CA
-
Info Security Engineer 5
Wells Fargo - Glen Allen, VA
-
Sr. Information Security and Compliance Analyst, IT
Publix Super Markets - Lakeland, FL
-
Privacy Officer/Comp&Audit
Memorial Health - Savannah, GA
Upcoming Webinars
-
Cyber Security for Community Banks: Managing the Unique Challenges
March 5, 2015 @ 11:30 AM Eastern -
Malware & Spear Phishing: How to Defend the Enterprise
March 5, 2015 @ 3:30 PM Eastern
