The latest annual Office of Management and Budget report to Congress on agencies' FISMA compliance shows IT security is complex and tough to effectively implement, with authentication, in particular, a challenge.
Under Jeremy Grant's stewardship, the National Strategy for Trusted Identities in Cyberspace has awarded some $30 million in grants to organizations to develop and test new, secure and easily employed ways for consumers to conduct transactions online.
The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage for more than a dozen companies and trade groups to announce new initiatives aimed at securing Internet transactions and payments and reducing fraud.
While there's anecdotal evidence that the NIST cybersecurity framework is proving helpful to businesses in their risk management efforts, there's not yet any measureable proof of its success at preventing damaging cyber-attacks.
The Federal Reserve's just-released plan for faster payments and technology standardization, while applicable to ACH and wire transactions, won't easily translate for card payments, says Troy Leach of the PCI Security Standards Council.
In the wake of an "inebriated" government employee crashing a drone on the White House lawn, federal officials sound warnings over the potential weaponization of consumer drones. But is it anything more than a Hollywood-style movie plot?
The increase in sophisticated hacking attacks will lead other sectors to follow the lead of the financial services industry in implementing multifactor authentication, says Ken Hunt, CEO of VASCO Data Security International.
Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.