If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
White House Cybersecurity Coordinator Michael Daniel assesses the cyberthreat environment facing the nation and explains what the federal government is doing about it.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
Fraudsters continually find new ways to attack, but too many organizations rely on old, unsuccessful methods to detect and prevent fraud. This is the premise, says David Mattos, VP Sales, with Easy Solutions.
Verizon's annual data breach investigations report will be released in the coming weeks, offering perspective on 10 years of breach analysis, says Wade Baker, one of the report's key authors.
Proofpoint and ISMG have just completed a new Targeted Attacks survey. What are some of the key findings? Kevin Epstein shares insight on detecting advanced threats and warding off attacks.
Verizon isn't offering many details about two retailer breaches it's reportedly investigating, which may be linked to the Target breach. But IntelCrawler's Dan Clements says the merchants were likely breached several weeks ago.
As organizations expand their use of encryption to help prevent breaches, they must improve their management of cryptographic keys, says Prakash Panjwani, senior vice president at SafeNet.
While much of the security focus is on online fraud and major data breaches, organizations of all sizes and sectors are seeing a rise in phone-based fraud, says Matt Anthony of Pindrop Security.
Neustar is about to release a new report on the DDoS threat landscape. What are some of the key trends to watch? Neustar's Jim Fink offers a preview of the study's findings.
Malcolm Palmore of the FBI's Cyber Division discusses how law enforcement agents are working closely with private sector security leaders to investigate DDoS attacks and help mitigate the effects.
RSA 2014 is hosted across the street from a Target store. Which is only fitting because the Target retail breach arose in many discussions during day one of the annual security conference.
While January's seemingly isolated distributed-denial-of-service attacks against JPMorgan Chase and Bank of America may have been a blip, DDoS expert Barrett Lyon says stronger attacks are on the way.
While massive DDoS attacks were dominant in 2013, this year, smaller application-layer attacks going after such things as log-in pages and password files are far more common, says Rich Bolstridge, chief strategist, financial services, at Akamai Technologies.
Log analysis is often used for managed security, but are organizations going far enough with the information they have at their fingertips? Don Gray, chief security strategist for Solutionary, says there is much more organizations could be doing to predict breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.