Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
Traditionally in cybersecurity, technology is the central focus. Adversaries act; security controls respond. But Richard Ford of Forcepoint says it is time to change the dynamic with a shift to human-centered security.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Despite the efficiencies of cloud services, security remains a significant barrier of entry for many organizations. Mark Urban of Symantec offers advice to help security leaders navigate past cloud complexity and chaos.
Biometric adoption and demand by consumers is increasing rapidly. Next-gen solutions now exist for organizations to bring secure, frictionless authentication to their consumers using biometric solutions. Michael Lynch of InAuth shares insights.
The security landscape has shifted significantly for financial services organizations. And now they must use digital transformation as the impetus to evolve their cybersecurity strategies, says Bruce Roton of Level 3.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
With Verizon's data breach investigations team finding that 90 percent of breaches trace to a phishing or other social engineering attack, lead investigator Chris Novak says that using multifactor authentication should be a no-brainer for all organizations.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
In an interview, experts from one of the FFIEC's five regulatory agencies explain why the council released a "frequently asked questions" guide to its Cybersecurity Assessment Tool and how they hope banking institutions will put the FAQ to use.
Now that both the FBI and the FFIEC have issued alerts calling attention to the risks associated with interbank messaging and wholesale payments in the wake of SWIFT-related heists, U.S. institutions should brace for more regulatory scrutiny of bank-to-bank payments, financial fraud experts say.