Banks have improved DDoS defenses, but ensuring ongoing online reliability requires a more offensive measure - one that rids the Internet of vulnerable sites that can too easily be used for bot traffic.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.
More malware attacks fueled by Citadel and Reveton are getting attention from federal authorities, which say banking institutions and consumers should be on high alert. What can institutions do to mitigate emerging malware risks?
One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.
The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: Socially-engineered schemes that compromise employees. So, what can institutions do about them?
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.