Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
When it comes to application security which approach is best? Is static application security testing better than dynamic testing? Or is manual penetration testing best of all? Or can I forego testing all together and rely on my web application firewall? The answers to these questions seem to vary depending on who...
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
An analysis of many recent studies suggests that over 80 percent of applications contain simple vulnerabilities. Here are five tips that developers can leverage to secure their code.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
Vulnerabilities in applications developed for the Commonwealth of Pennsylvania contributed to a major security breach a few years back, one that state CISO Erik Avakian does not want repeated.
Customers want to be involved with their banking security, but few institutions allow them to play active roles in fraud prevention. What has to change?
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
An estimated 650,000 customers have recently switched from big banks to community banks and credit unions. But are these smaller institutions prepared for the new demand for security and fraud prevention?
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.
Software applications are the lifeblood of every organization, and today's #1 IT security threat is vulnerabilities in these applications. Complexity, interconnection and criticality of source code have resulted in a dangerous proliferation of vulnerabilities and risks.
Register for this session to learn:
How...
Ohio is relatively new to enterprise information security, and according to David Shaw, the state's chief information security officer, there is still much to do to ensure that all the agencies' critical infrastructure is protected.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
