Since the phrase "Advanced Persistent Threat" (APT) was coined nearly ten years ago, it has been the subject of extensive discussion and debate in the IT security community, attracting terabytes-worth of media buzz. The spotlight on APT's has been critical of bringing the reality of today's threats to light, but the...
To date, the most common reaction to targeted attacks has been for organizations to just do what they have always been doing, but harder. That isn't going to work. We need to look at this problem differently and adopt a different set of thought processes. There is a great deal to be said for adopting a warlike...
Part 1 - Fraud Ecosystem
In June this year, the "Ronald Reagan" batch of credit cards (potentially those stolen from P.F. Chang's) joined the "Barbarossa" batch from Target in becoming publicly available for purchase. These cards were featured on the popular Rescator card shop (stolen card data marketplace), which...
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
While much of the security focus is on online fraud and major data breaches, organizations of all sizes and sectors are seeing a rise in phone-based fraud, says Matt Anthony of Pindrop Security.
The Target retail POS breach is the most talked-about incident in recent memory - and it was entirely preventable with available security solutions, says Adam Tegg CEO of Wontok Solutions.
The financial services industry will make wider use of data analytics next year as the value of leveraging big data to help prevent or detect fraud becomes more clear, experts predict.
Losses linked to retail breaches have fueled class action lawsuits on behalf of consumers. But Javelin's Al Pascual says banks are soon likely to take legal action, too, in breach cases that expose cards and lead to fraud.
The consumerization of IT and the popularity of BYOD are jeopardizing the security and integrity of enterprise data. Seeking an easy way to share files across smart phones, tablets, and desktops, employees are using free public cloud file sharing services that lack rigorous security and audit controls. These services...
The cost of a data breach or privacy violation goes far beyond compromised records to include hard-dollar expenditures for breach notification, credit monitoring, regulatory fines and legal fees. Not to mention the immeasurable cost of reputation loss.
To avoid these losses, security leaders are increasingly...
Data security used to be about building firewalls and protections around the data. Now it's about securing the data itself. That's why data is the new perimeter, says Charlie Pulfer of Titus.
A new study says, on average, it takes 87 days to first recognize that insider fraud has occurred. Why the delay? Researcher Larry Ponemon and Christine Meyers of Attachmate Luminet discuss the findings.
The big, external breaches get the headlines, but the insider crimes are doing significant financial damage, says Tim Ryan of Kroll Advisory Solutions. How can organizations address the insider threat?
Organizations typically secure data where it resides and is transmitted. Data-centric security strategies focus on securing the data itself. Mark Bower of Voltage Security explains.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.