Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The National Institute of Standards and Technology continues to collaborate with the National Security Agency on its IT security guidance even as it investigates whether the spy agency meddled with one of its special publications.
NIST is revising its 3-year-old smart-grid guidance to address technological and policy changes that have made the power grid more susceptible to vulnerabilities and threatened utility customers' privacy.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The White House says the conversation between the president and business leaders focused on how to encourage adoption of the cybersecurity framework. Participants also discussed the need for framework adoption by suppliers.
The Army Research Laboratory is collaborating with five research universities on a $23 million, 5-year initiative to develop what's being characterized as a new science to detect, model and mitigate cyber-attacks.