Network security threats abound, and news of data breaches are constantly made public. Are information security professionals doing something wrong? Where are enterprises most vulnerable? And what can network pros do to keep a company more secure? in order to solve security issues, we need to think of information security as risk management, says Interop IT security track chair John Pironti, who is president of IP Architects, LLC. Here’s why:

Read full story


The results of Actimize’s Card Fraud and Mass Compromise peer-review survey validate a number of widely held assumptions about recent developments in card fraud, and also point to a number of less obvious trends in card fraud risk management.  Download this report to learn more about:

  • Impact of mass compromise events on consumer confidence
  • Effect of the current economic situation on consumer card usage
  • Anticipated growth rate of ATM/debit fraud in 2009
  • Methods and technology banks are using to prevent ATM/debit fraud

Get the report here: cardfraudmasscomp

Seventeen percent of companies say it’s only a matter of time before an internal breach occurs

While many companies pay lip service to the concept of risk management, nearly one-third are not devoting any budget to these programs and almost one-quarter have no risk management initiative at all, a new study says.

According to a report published this week by security and compliance vendor Sailpoint, 77 percent of companies surveyed have a risk management function within their IT organizations. However, nearly 30 percent of those companies don’t allocate budget to that function.

“That means nearly 50 percent of the affected companies either do not have, or underfund, their IT risk management activities,” Sailpoint says.

In addition, only 43 percent of respondents said they could present a complete record of user access privileges for each employee in a single day. Forty-two percent said they do not have the ability to immediately remove all access privileges for terminated employees in the event of a large layoff.

Continue reading …

More than 62 percent of companies experienced a security breach in the last twelve months due to insecure software, a survey conducted by Forrester has revealed.

Forrester’s “Application Risk Management in Business Survey” research, commissioned by application risk management platform supplier Veracode, surveyed more than 200 respondents from 180 different businesses across various industry sectors. Development, security and risk professionals across the UK and US were interviewed.

Continue reading the article