Banks need to ensure they continuously monitor their cloud vendors, says Troy Wunderlich of Washington Trust, a community bank in Spokane, who outlines his institution's strategy for vendor management.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."
Here are some questions we'd like to ask the former systems administrator at the National Security Agency to learn more about the motivation behind his leak of the U.S. government's top-secret information collection programs.
The OCC's DDoS risk warnings to community banks may indicate more regulatory scrutiny is on the way. Banks should prepare for more oversight of their cyber-attack reporting and threat mitigation practices.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
Organizations outsourcing card data management to the cloud face significant security risks. How should they prioritize risks when reviewing cloud-vendor solutions? The PCI Council's Bob Russo offers insight.