The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
The PATCO fraud dispute could have been settled in 2009, says co-owner Mark Patterson. Why did the case drag on, and what can banking institutions and fraud victims learn from PATCO's recent settlement?
Small attacks aimed at merchants are proving the most fruitful for hackers, recent analysis from Verizon shows. But risk expert Wade Baker says there are steps banking institutions can take to respond.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.