Fraud Protection August 17, 2016 New FFIEC Mobile Financial Services Guidelines Put a Stake in the Ground 2 min read - The Federal Financial Institutions Examination Council put a stake in the ground with recent guidance on risks associated with mobile financial services.
CISO August 15, 2016 Threat Modeling in the Enterprise, Part 2: Understanding the Process 3 min read - The output of a carefully executed threat modeling exercise can be extremely valuable when informing your security control selection process.
CISO August 12, 2016 A Risk-Driven Approach to Security, From Check Boxes to Risk Management Frameworks 4 min read - Department heads have to start thinking about risk management in terms of acceptable risk levels, not compliance requirements to mark off a checklist.
CISO August 10, 2016 Millennials Are Not Burdens but Vital in the Security Workforce 2 min read - Millennials are not the problem; they're the future. The ability to attract and retain millennial talent is vital to long-term success in security.
CISO August 8, 2016 Threat Modeling in the Enterprise, Part 1: Understanding the Basics 5 min read - Threat modeling allows enterprises to manage risk more effectively and build a better understanding of the possible attack vectors.
Fraud Protection August 5, 2016 Identity Theft and Social Media: How Are They Related? 3 min read - Social media has created many new ways for people to interact. While this can be viewed as exciting, it also leaves users vulnerable to identity theft.
Application Security August 2, 2016 Five Critical Steps to Effectively Selecting an Application Security Testing Provider 4 min read - Companies and organizations must consider a wide range of critical factors when selecting an application security testing provider.
CISO July 26, 2016 The Information Security Leader, Part 4: Three Persistent Challenges for CISOs 5 min read - Today's business climate presents challenges for CISOs regarding the definition of risk, uncertainties of measuring risk and effective communication.
CISO July 19, 2016 The Information Security Leader, Part 3: Four Fundamental Questions for Risk Analysis 3 min read - When it comes to a risk analysis, CISOs need to translate the question "How secure are we?" into one of the four fundamental questions about risk.
CISO July 12, 2016 The Information Security Leader, Part 2: Two Distinct Roles of a CISO 3 min read - Information security leaders today must be able to fill the two distinct roles of a CISO: the subject-matter expert and the trusted business adviser.