To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.
More malware attacks fueled by Citadel and Reveton are getting attention from federal authorities, which say banking institutions and consumers should be on high alert. What can institutions do to mitigate emerging malware risks?
One problem in tracking IT security employment is the dearth of information. Even the most trustworthy organization for collecting employment data, the Bureau of Labor Statistics, furnishes infosec data that it cautions aren't reliable.
The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: socially engineered schemes that compromise employees. So, what can institutions do about them?
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.