What is the Identity Ecosystem Framework, and why is it so important for security professionals to embrace? Kimberly Little Sutherland of LexisNexis Risk Solutions shares insights on the future of online identity.
The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.
In the wake of the breaches suffered by JPMorgan Chase, Sony and Anthem, attack attribution and information sharing are playing more prominent roles for banking leaders, and they will be key discussion points at the upcoming RSA Conference 2015 in San Francisco.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Most organizations have yet to realize the cybersecurity benefits of big data analytics, says Russell Thomas of Zions Bank. He explains steps the pioneering bank is taking to revolutionize its big data operations.
RSA President Amit Yoran's focus is on refining RSA's vision, growth strategy and emerging technology. A key consideration in honing that strategy: the rise and pervasiveness of advanced threat actors.
In the four years that he led the National Strategy for Trusted Identities in Cyberspace, Jeremy Grant says he saw significant progress in the use of new forms of authentication - yet widespread acceptance remains years away.
As financial institutions update their defenses in light of new types attacks - from scams to network-penetrating cyber-attacks - they need to ensure they factor in all of the ways that their systems and employees might be targeted or manipulated.