Information:
Synopsis
Exclusive, insightful audio interviews by our staff with leading information risk and security practitioners and thought leaders
Episodes
-
FFIEC Authentication Guidance: First Analysis
29/06/2011: For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center. Aite's Julie McNelley says the final FFIEC online authentication guidance offers greater detail in areas such as layered security, but that institutions have much to do to prepare for regulatory assessments in 2012.
-
Business Associates: Minimizing Risk
29/06/2011: A key factor in minimizing the risk of a breach when working with business associates is to provide these partners with the minimum amount of information they need to perform their services, says security expert Brian Lapidus.
-
Gov't Shutdown Poses Unseen Challenges
28/06/2011: Minnesota faces a government shutdown Friday, and state CISO Chris Buse confronts unexpected barriers in preparing for it. No one yet knows what services the IT security organization must support once the midnight deadline passes.
-
Privacy by Redesign: A New Concept
28/06/2011: Organizations' biggest obstacles to privacy protection are the organizations themselves - specifically, their silos - says Dr. Ann Cavoukian, proponent of the new concept, Privacy by Redesign.
-
FFIEC: Banks Need Layered Security
28/06/2011: Fraud expert Ori Eisen says banks spend too much time reacting to ACH fraud, rather than trying to stop it. Now that the FFIEC's new online authentication guidance is official, banks must focus on eliminating outdated solutions and moving toward automated solutions for device identification and log analysis.
-
Executive Decision: What to Encrypt
27/06/2011: SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
-
Cybersecurity: BITS Supports Obama Bill
27/06/2011: Leigh Williams says preventing online data breaches requires cooperation within the online ecosystem from domestic and international organizations. Spearheading and maintaining that cooperation requires federal oversight, he contends.
-
Protecting Medical Devices
25/06/2011: A new consortium is leading an effort to devise best practices for ensuring the security of networked medical devices.
-
Compelling Compliance Via Regulations
22/06/2011: Sen. Robert Menendez says regulators should have the power to compel banks to toughen IT security and offer timely customer notification of a breach. But if they don't, the Banking Committee member says in an interview, they should come to Congress to get that authority.
-
Online: Many Banks 'Not Ready'
21/06/2011: Online and mobile banking are taking the world by storm - especially in the Asia-Pacific region. But many institutions are simply not prepared to manage security and privacy appropriately in these venues, says Gartner's Matthew Cheung.
-
4 R&D Initiatives Focus on Infosec
21/06/2011: Northrop Grumman Cybersecurity Research Consortium's Robert Brammer says IT security researchers should think like Wayne Gretzky, the National Hockey League hall of famer: Skate to where the puck will be.
-
VA Addresses Medical Device Security
21/06/2011: The latest component of the U.S. Department of Veterans Affairs' ongoing effort to protect medical devices from malware is the creation of a centralized patch management system, says Randy Ledsome, the VA's acting director of field security operations.
-
Mitigating Online Risks
20/06/2011: Greg Rattray, VP of Security at BITS, says we can't necessarily stop the spread of dangerous malware like Zeus, but banking institutions can do a better job of mitigating the risk and damage that follow such an attack.
-
Insider Threat: 'Database Armageddon'
20/06/2011: AppSec's VanHorn says more segregation of employee duties is needed.
-
Business Associate Management Tips
16/06/2011: Working with business associates to prevent health information breaches requires far more than writing detailed contract terms on privacy and security, says regulatory expert Christopher Hourihan.
-
FDIC on Disaster Recovery
14/06/2011: FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.
-
PCI Council Addresses Virtualization
14/06/2011: The PCI Security Standards Council's new guidance on virtualization in the payments space aims to provide best practices for securing the payments chain's virtual platforms and appliances.
-
Cyber Operations: How to do it Right
13/06/2011: Today's advanced threats require an advanced cyber defense. That's why Bob Lamb of Booz Allen Hamilton recommends a new Cyber Operations blueprint that helps organizations assess and meet their cyber needs.
-
Patient Identifiers: Their Role in HIEs
10/06/2011: The executive director of a Southern California health information exchange describes a pilot project that's testing whether patient identifiers make it easier to match patients to their records from multiple organizations.
-
RSA Breach: Token Replacement is 'Smart'
08/06/2011: IT security expert Marcus Ranum says RSA's offer to replace its SecurID tokens is a deal worth taking.