The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.
Call center fraud is one of the leading threats that financial institutions will battle next year because fraudsters consider the centers to be an easy target. But what can be done to mitigate this threat?
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?
Federal investigators announced five more arrests this week in connection with a $45 million ATM cash-out and prepaid card fraud scheme. Learn why experts expect these types of crimes to become even more common.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
The Office of the Comptroller of the Currency is the first major U.S. banking regulator to issue updated guidance on third-party risks. What are the key tenets, and what should institutions expect next?
In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Comptroller of the Currency Thomas Curry's comments in a Sept. 18 speech could be an early indication that regulators will put more pressure on banks and service providers to fill cybersecurity gaps, some observers say.
John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.