Banking Information Security Podcast

NIST's Ron Ross Tackles the Risk Management Framework

If Marcus Ranum were your CISO, this would be his 2011 resolution: To launch a "War Games" style exercise.

"As more channels connect to ACH, it will become the preferred route for banks to process transactions," says Steve Kenneally of the American Bankers Association.

This week's top news and views: Wire fraud costs a Missouri escrow company $440K, internal auditors add risk-management value.

This week's top news and views: Wire fraud costs a Missouri escrow company $440K, internal auditors add risk-management value.

Hemu Nigam says WikiLeaks founder Julian Assange has become akin to a "cyber messiah" And Assange's followers have proven: "If you turn your back on our messiah, we are going to take you down."

No one knows risk better than the internal auditor, and so no individual has a better opportunity to add risk management value to organizations, says Richard Chambers, president of the Institute of Internal Auditors.

Aite Group's Julie McNelley says financial institutions cannot wait to invest in mobile payments innovations.

"Until they personally suffer pain, they don't think it is something that can happen to them," says Eric Cole, an insider threat expert and SANS Institute faculty fellow.

Will the U.S. be a leader or a follower in cyberspace in the year 2020?

WikiLeaks leaks raise questions about internal at financial institutions, and the Fed Reserve of Atlanta talks mobile and the future of electronic payments.

WikiLeaks leaks raise questions about internal at financial institutions, and the Fed Reserve of Atlanta talks mobile and the future of electronic payments.

Community hospitals must become more vigilant about information security, especially as they apply for federal electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.

The recent WikiLeaks release of thousands of sensitive government documents puts security leaders on notice: The breach threat is real, and no organization is immune.

The complexity of global compliance may be the biggest task IT security organizations face of 2011, IBM's Kristin Lovejoy says.

The information security profession is seeing a transition, as organizations focus more on filling roles related to business and information risk management.

Industry insiders say card skimming incidents are growing and the ATM is the most-hit target, and a rash of targeted phishing schemes brings phishing attacks back to the fore.

Industry insiders say card skimming incidents are growing and the ATM is the most-hit target, and a rash of targeted phishing schemes brings phishing attacks back to the fore.

SAP's Norman Marks: Governance, risk, compliance can improve business.

ABA's Don Rhodes says 2011 will be the year when EMV adoption finally starts to become a reality in the U.S.