The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
The White House is intensifying its effort to get federal agencies to adopt continuous monitoring and move away from the paper-based checklist compliance they've followed for a decade under the Federal Information Security Management Act.
Business associates have been involved with fewer major health data breaches so far this year, compared with 2012. Are they getting better at prevention, or are they just under-reporting breaches?
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Organizations need to know how other enterprises handle cyber-attacks to truly understand whether their IT security investments will pay off, the EastWest Institute's Karl Rauscher says.
NIST is revising its 3-year-old smart-grid guidance to address technological and policy changes that have made the power grid more susceptible to vulnerabilities and threatened utility customers' privacy.
The Office of the Comptroller of the Currency is the first major U.S. banking regulator to issue updated guidance on third-party risks. What are the key tenets, and what should institutions expect next?
Purdue University's Eugene Spafford discusses the ethical issues that have been brought to the forefront by former NSA contractor Edward Snowden's leaks of classified details on a number of top-secret government surveillance programs.
The initial phase of the continuous diagnostics and mitigation initiative, a new program to secure government computers, concentrates on helping federal agencies identify and manage their software and hardware assets.
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
In the next five years, the federal government will work to centralize for civilian agencies' networks a way of identifying cyberflaws and employing diagnostic tools to remediate them, the Department of Homeland Security's John Streufert says.
To mark his induction into the National Cyber Security Hall of Fame, Purdue University Computer Science Professor Eugene Spafford offers insights on key challenges, including overcoming senior executives' misperceptions about key issues.
Regulators need to do a better job of notifying banks promptly when they find severe security flaws at third parties, especially core banking processors. And community banks need to collaborate on assessments of third-party risks.
Cybersecurity experts say perceived disruptions caused by the shutdown could encourage America's cyber-adversaries to increase their attacks and probes on federal government IT systems and networks.
In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.