ISACA's Marc Vael says differences in cloud computing environments and cloud providers can pose security risks. But well thought-out contracts and risk-management plans can fill potential security gaps and ensure business continuity during outages and disasters.
The HHS Office for Civil Rights should carefully consider comments received on its proposal to require healthcare organizations to provide patients with a complete list of everyone who has electronically viewed their information.
Looking at the international stock market crash and the impact it's likely to have on future investments in fraud detection and prevention, how much can banks and credit unions reasonably afford, when economic stability is shaky and the financial future uncertain?
What Operation Shady RAT reminds us is not just how vulnerable our IT systems are, but how interconnected we are as a global society, and the fundamental role information technology plays.
In social media policies, organizations are putting too much emphasis on what not to do, as opposed to how to navigate the space effectively, says social media expert Sherrie Madia.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Banking institutions have a lot to do in order to prepare for the Jan. 2012 deadline to conform with the new FFIEC authentication guidance, and former banking regulator William Henley has one, simple piece of advice: start now.
Before entering a contract with a cloud computing company, organizations should consider three critical issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
"It's time to stop shifting the security burden onto retailers and restaurants like Margarita's," says Gartner analyst Avivah Litan on the latest payment card breach. "In fact, it was time for that over five years ago."
Extensive news coverage about the attacks against RSA and others have made customers jittery. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," says RSA CFO David Goulden.
Scott Laliberte, managing director of Protiviti, wrote the book on penetration testing, and he has strong feelings about what organizations are doing right and wrong when assessing their information security risks today.
Because information security threats know no borders, the European Network and Information Security Agency is working hard to ensure the solutions span nations, too, says Prof. Udo Helmbrecht, ENISA's executive director.
In the wake of natural disasters or global political unrest, financial institutions of all sizes must be mindful of international fraud schemes and suspicious activity, says EastNets' Paul Buelens.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
