ISACA has issued a new information risk management framework - COBIT 5 for Risk - that provides 20 scenarios to help organizations better mitigate risk. The scenarios include more than 100 risk types.
Individuals see information differently today than they did just a few years ago because of big data and that, in turn, influences how people perceive privacy. ISACA's Jeff Spivey explains.
Spear-phishing attacks aimed at bank employees are on the rise, and community banks and credit unions are particularly vulnerable. Learn why experts say authentication is failing to address the problem.
Successfully implementing the SANS 20 Critical Security Controls requires far more than just deploying systems, platforms or services. Experts offer insights on effective strategies for leveraging technical controls.
Although the U.S. and Chinese governments blame one another for cybermischief, they should collaborate to battle common cyberthreats, says Christopher Painter, the State Department's top cyberdiplomat.
Professionalizing occupations within the cybersecurity field won't necessarily help fill vacant IT security jobs in government and industry, says Diana Burley, an IT security workforce expert.
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
More than 1,000 banks will test their incident response strategies by participating in a simulated cyber-attack exercise. SWACHA's Dennis Simmons says the drill, which is open to more participants, will help bolster defenses.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
Comptroller of the Currency Thomas Curry's comments in a Sept. 18 speech could be an early indication that regulators will put more pressure on banks and service providers to fill cybersecurity gaps, some observers say.
While some in Congress argue about whether the Department of Homeland Security has too much cybersecurity authority, recently retired leader Bruce McConnell offers his take on why the department is playing an appropriate role.
Two more guilty pleas in a $200 million card fraud scheme highlight why banks need to ensure their identification verification policies are consistently applied and that customers are continually vetted and profiled.
Comptroller of the Currency Thomas Curry says U.S. banking institutions are at heightened risk of cyber-attack because of emerging technology, interconnectivity and reliance on third-party service providers.
On the one-year anniversary of al-Qassam Cyber Fighters' first announcement about DDoS attacks against U.S. banks, experts discuss what may happen next, including whether the group will join forces with the Syrian Electronic Army.
The National Institute of Standards and Technology is re-evaluating a set of its special publications because of concerns expressed by some leading cryptographers that the National Security Agency might have corrupted the guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.