Mobility has driven the rise of containerization as a security strategy for employee-owned devices. But what about for contractors? Kimber Spradlin of Moka 5 discusses how to mitigate third-party risks.
Despite their differences on certain issues, the Financial Services Roundtable and the Retail Industry Leaders Association have joined forces in an effort to prevent breaches by enhancing cybersecurity and threat intelligence sharing.
The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.
NIST is developing risk management guidance on the IT supply chain that says organizations should take an incremental approach and ensure that they first reach a base maturity level in organizational practices.
National Security Agency Director Keith Alexander declined to say that the agency would stop using contractors in top secret IT positions to prevent a leak such as the one that exposed NSA programs to collect metadata on American citizens.
CISOs' top three priorities for 2013 are emerging threats, technology trends and filling security gaps, says RSA CISO Eddie Schwartz. But what new strategies should leaders employ to tackle these challenges?
Acquiring IT security products gets more complicated every day, so SINET's John Muir says it's not unreasonable to expect that even the most informed CISO needs help in identifying the right hardware, software and services to obtain.
Michaels craft stores. TRICARE. Global Payments Inc. These are among the most recent and prominent examples of third-party data breaches that adversely impacted financial institutions, healthcare providers and other affiliated entities.
How prepared is your organization to respond to a third-party breach - not just...
As part of your risk management strategy, your organization likely conducts pre-employment background checks. But what are your screening strategies after you have made your hires? How would you know, for instance, if:
An employee's personal finances have crumbled, and that individual is now at risk to...