April 16, 2015 Added by:Eduard Kovacs
With less than three weeks to go until Suits and Spooks London 2015 kicks off, the agenda is nearly finalized. Our first 2-day international event will host experts in cyber warfare, intelligence, advanced persistent threats, sophisticated malware, and political issues.
December 12, 2014 Added by:InfosecIsland News
Please join ThreatMetrix and SecurityWeek on Thursday, Dec. 18th, 2014 at 1PM ET for a Live Webcast.
June 18, 2014 Added by:Mike Lennon
Suits and Spooks NYC will feature over 20 expert speakers in the areas of financial intelligence, special operations, information security, money laundering, and the protection of critical infrastructure.
January 27, 2014 Added by:Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.
June 11, 2012
SOC 2 has the potential to unify the risk assurance industry by consolidating multiple audits, standards, and compliance requirements under one umbrella engagement. However, if the market is allowed to define anything as internal controls over financial reporting (ICFR), SOC 2 is destined to fail...
May 09, 2012 Added by:Brent Huston
Financial organizations have been working on implementing out of band authentication (OOBA) mechanisms for specific kinds of money transfers such as ACH and wires. While this authentication method does add some security to the process, it does not come without its challenges...
May 07, 2012 Added by:Jon Long
User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...
April 06, 2012 Added by:Jon Long
There is nothing that changes faster than technology, and if you are not ahead of it, you are ancient history. Within the category of technology, security is at the forefront of rapid change, and there is nothing more critical to ensure that we understand as auditors...
March 23, 2012 Added by:Allan Pratt, MBA
The types of personal information companies collect and share depends on the product or service you get from them. This info can include: Social Security number and income, account balances and employment details, and credit history and transaction history...
December 22, 2011 Added by:david barton
Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...
October 20, 2011 Added by:Infosec Island Admin
The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...
September 14, 2011 Added by:Infosec Island Admin
While maintaining the focus on the continual optimization of the SOX program, 22nd edition conference will draw on the more recent challenges being faced by SOX professionals in light of the recent economic climate and new Dodd-Frank requirements...
August 19, 2011 Added by:Infosec Island Admin
The system is vulnerable to attacks that would have great consequences to the financial system within the US as well as potentially the world. Perhaps Mr. Kass is just looking to leverage the fear, perhaps he is trying to fire off the "Bat Signal” that something is wrong or inevitable...
August 14, 2011 Added by:David Navetta
Banks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been issued by BITS...
June 17, 2011 Added by:Robert Siciliano
It is possible to secure systems against most cybercrime but that level of security often proves too inconvenient for consumers. As long as banks continue absorbing losses from fraud, consumers remain blissfully ignorant of the consequences of inadequate security...
Hacker to Release Symantec's PCAnywhere Sour... Kajal Singh on 04-21-2015
Financial Malware Fell in 2014 As Takedown O... Kajal Singh on 04-21-2015
Weaknesses in Air Traffic Control Systems ar... Kajal Singh on 04-21-2015