Rotating agents every three years through field offices is seen as having a detrimental affect at developing the skills needed to investigate national security intrusion cases.
Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
"We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that ... would lower their risk to the type of attack we saw at RSA," DHS Secretary Janet Napolitano says.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
It's been over three months since the accidental disclosure. When will the final FFIEC authentication update be released? "I don't think we're any less safe," says Gartner's Avivah Litan. "We just need to step up enforcements."
Gigi Hyland, board member of the National Credit Union Administration, says the latest draft of authentication guidance is awaiting final signoff from just one member agency of the Federal Financial Institutions Examination Council.
"Although we have made good progress in creating information sharing entities, to share information securely and efficiently, we have not adequately tackled the critically important issues associated with the timeliness and completeness of information," Financial Services Sector Coordinating Council Chair Jane Carlin...
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
U.S. Cyber Challenge will hold a series of competitions aimed primarily at college students as part of its April Cyber Quest series, with winners receiving invitations to attend one of several cyber camps to be offered this summer.
Most furloughed federal employees would have had to turn in their BlackBerries and other mobile devices in a U.S. government shutdown. Just as well, using the technology could have resulted in an employee landing in the slammer.
At a time when there is heightened demand for cybersecurity professionals within the U.S. federal government, the value of IT security certifications ranks high as a criterion for hire.
Philip Reitinger, the top cybersecurity official in the Department of Homeland Security, is on a mission to help create a new, secure computing ecosystem on the Internet.
A survey of American households - the same one used to determine the national unemployment rate - shows that 37,000 individuals in the United States consider themselves as information security analysts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.