People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
"It's a crime like no other crime," says James Ratley, president of the ACFE, describing fraud. "There was not a gun involved, there was not a knife; there was in many cases a ballpoint pen or a computer."
Identifying the insider who could pose a threat to your organization's IT assets must be a team effort among non-technology, IT and information security managers, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Pace University's Seidenberg Cyber Security Institute plans to leverage public-private partnerships - a challenge for educational institutions. How will the institute help the private and public sectors meet their security needs?
The information security job market is evolving into highly specialized areas, says Eugene Spafford, noted professor at Purdue University. So, how must students now prepare themselves for these new career paths?
These new sites now make Information Security Media Group the largest global network of information security-focused media sites, reaching the most diverse audience of decision-makers in each of ISMG's key markets.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
If management awareness of information security issues increases, will an organization's commitment to securing practices and policies also increase? This is the question answered by an eye-opening new study.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"