Page 115 - Latest interviews and insights on data security breach

Fraud Management & Cybercrime

Logs Paint Picture of Menacing Insider

Eric Chabrow • May 21, 2013 9 minutes 57 seconds

Maintaining accurate logs of systems' activities is crucial in helping catch insiders who threaten an organization's digital assets, says George Silowash, co-author of the Common Sense Guide to Mitigating Insider Threats.

Assessing Breaches: Four Key Factors

Marianne Kolbasuk McGee • May 20, 2013 14 Minutes

Under the HIPAA Omnibus Rule, security incidents are presumed to be reportable data breaches unless healthcare organizations demonstrate through a four-factor assessment that risks are low, explains privacy expert Kate Borten.

DDoS Protection

First Data on Preventing Fraud

Tracy Kitten • May 20, 2013 12 Minutes

In this exclusive interview, Tim Horton of First Data explains how the nation's largest credit card processor is helping financial institutions and merchants mitigate risks posed by malware and DDoS attacks.

Anti-Money Laundering (AML)

Why We Can Expect More ATM Cash-Outs

Tracy Kitten • May 13, 2013 15 Minutes

Why are ATM cash-out schemes expected to increase - especially in the U.S.? John Buzzard of FICO's Card Alert Service offers insights, based on federal investigators' most recent global fraud bust.

Governance

Insider Threat Hovering in the Cloud

Eric Chabrow • May 13, 2013 8 minutes 9 seconds

CERT Technical Manager Dawn Cappelli tells a tale of how three individuals, who unexpectedly quit their jobs at a law firm, used a free cloud service to sabotage files containing proprietary client information from their former employer.

Fraud Management & Cybercrime

Fraud Arrests 'A Victory for Us'

Tom Field • May 10, 2013 9 minutes

Cash-out scams are old news. But the size and sophistication of the latest $45 million global fraud scheme that struck banks add up to a troubling trend, says former federal prosecutor Kim Peretti.

Fraud Management & Cybercrime

Avivah Litan on Bank Cyberheist

Tom Field • May 9, 2013 5 Minutes

How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It's a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.

Governance

Mitigating Insider Threat From the Cloud

Eric Chabrow • May 9, 2013 10 minutes 51 seconds

Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.

DDoS Protection

OpUSA: Sizing Up the Threat

Eric Chabrow • May 7, 2013 7 minuates 48 seconds

Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.

Business Continuity Management / Disaster Recovery

Addressing DDoS in Risk Assessments

Eric Chabrow • May 3, 2013 9 minutes 51 seconds

In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.

Big Data Security Analytics

Using Big Data to Fight Phishing

Tracy Kitten • May 1, 2013 16 Minutes

Today's spear-phishing campaigns are localized, small and can slip through typical spam filters. As a result, detection practices have to evolve, says researcher Gary Warner of the University of Alabama at Birmingham.

Incident & Breach Response

Mandiant on Nation-State Threats

Tom Field • April 30, 2013 10 Minutes

Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.

DDoS Protection

Spamhaus DDoS Attack Called Preventable

Eric Chabrow • April 30, 2013 5 minutes 59 seconds

The massive distributed-denial-of-service attack in Europe that targeted Spamhaus could easily have been prevented if information service providers followed a 13-year-old industry best practice, ENISA's Thomas Haeberlen says.

Events

Growing the Global Security Community

Tom Field • April 29, 2013 15 Minutes

When Richard Nealon first sat for his CISSP exam, he was struck by how U.S.-centric the questions were. Since then, he has strived to promote greater awareness of global information security concerns.

Governance

240 Ideas to Secure Critical IT

Eric Chabrow • April 29, 2013 8 minutes, 42 seconds

NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.