Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
Data breaches are growing, but Verizon's Chris Novak says most incidents could be prevented by more diligent database monitoring. So what specific steps should organizations take to mitigate their risks?
ISACA just issued COBIT 5 for Information Security, a business-centric approach to governance and IT management. ISACA's Robert Stroud explains what COBIT 5 means to your organization.
The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.
Programs from Carnegie Mellon and the University of Maryland come at a time when organizations not only can't find enough IT security professionals to hire to meet their needs, but often lack the leadership to oversee IT security initiatives.
Falsified credentials are a growing concern for organizations, as job applicants fill their resumes with bogus academic degrees and job titles. Attorney Les Rosen offers tips for better screening.
Removing provisions from the original bill to grant the federal government authority to impose standards on the mostly privately-owned critical IT infrastructure is a concession to win votes from Republicans, who oppose regulation.
How well do U.S. credit unions conform to the FFIEC Authentication Guidance? An NCUA official discusses the state of conformance and what its examiners have learned from institutions.
A successful organization in today's business world has most likely cultivated a "brand." Have you ever thought about creating your own brand to enhance your career?
"The reality is that, if you look across IT, IT people are very good at so many things; they're much better at it in a lot of cases than security people are," RSA CISO Eddie Schwartz says.
IT security expert Francoise Gilbert says the FFIEC's new resource document on cloud computing understates the risks all banking institutions should consider. What areas is she most concerned about?
A Mississippi bank is taking legal action against a former commercial customer, claiming the customer is liable for losses and damages linked to a suit over ACH/wire fraud.
Financial institutions store lots of data. But most don't exploit or even know how to manage it. How can institutions get a handle on big data and use it to deter fraud? Zions Bank offers tips.
BITS is ramping up its work with federal regulators around pending legislation. What initiatives is the group spearheading, and how can banking institutions play an integral role in the process?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
