Visa and FireEye Join Forces to Help Merchants, Financial Institutions Defend Against Targeted Attacks on Consumer Payment Data

Visa Inc. (NYSE:V) and FireEye, Inc. (FEYE) today announced their intention to co-develop tools and services to help merchants and issuers protect against advanced cyber attacks targeting payment data. The first of its kind Visa and FireEye Community Threat Intelligence (CTI) offering will bring together threat information from both companies,…

read more

Career Spotlight: What I Do as an “Ethical Hacker”

You occasionally hear about major security vulnerabilities being discovered before they’re exploited, like the notorious Heartbleed bug last year. Security researchers work hard to weed out those dangerous flaws before they’re found by hackers of more malicious intent. This breed of preemptive hacking is sometimes referred to as white hat,…

read more

International President: War of the words

Body: Baseball. Sunshine. Welcome. Do those words ring a bell? They might, if you are among those using lazy passwords to protect yourself online. In October 2012 SplashData, which produces password-management apps, released its annual “Worst Passwords” list, a compilation of the (ostensibly) secret words most commonly cracked by hackers….

read more

BYOD: The march of consumerization

Body: Consumerize (v): to make (goods or a product) suitable or available for mass consumption; to encourage or foster the widespread consumption of (goods or a product). The inexorable—and accelerating—march of computing in the business environment; from enterprise-class mainframes to low-cost PCs and servers to the bring-your-own-device (BYOD) movement; threatens…

read more

Milestone CISA

Body: As ISACA celebrates the 35th anniversary of the CISA certification this year, we congratulate each and every professional who has achieved this distinction. And as ISACA recently certified the 100,000th CISA since the designation’s inception in 1978, we take this moment to profile one of the newest to achieve…

read more

Meet Your Board Members: Ramsés Gallego

Body: Today’s ISACA Now post profiles ISACA International Vice President Ramsés Gallego, CISM, CGEIT, CISSP, SCPM, Six Sigma Black Belt, who in 2012 was named security strategist and evangelist for Quest Software, a Dell company. Ramsés has served on ISACA’s Guidance and Practices Committee, and the CISM and CGEIT Certification…

read more

Meet Your Board Members: Krysten McCabe

Body: Today’s ISACA Now post profiles Krysten McCabe, CISA, a director on ISACA’s board. Krysten is also a senior manager in the Assurance and Advisory Management Program at The Home Depot and a member of ISACA’s Audit and Finance Committees. ISACA: Describe your professional background. Krysten: I was an IT…

read more

The art of the snake-oil salesman

Body: If you are an information security professional who is anything like me, you are probably happiest sitting at your desk writing policies, evaluating controls and studying for the next exam. However, as the world changes, we must adapt and change with it. And part of that change includes increased…

read more

Cut through the fog of cloud computing

Body: Is cloud computing marketing hype, a reality or a bit of both? More than 40 years after singer Joni Mitchell’s “Both Sides Now” was written, the lyrics “It’s cloud illusions I recall, I really don’t know clouds at all” aptly capture a lot of the confusion about cloud computing…

read more

How auditors can prepare for PS Prep certification

Body: PS Prep Certification is an outcome of US legislation enacted to increase the preparedness of the private sector. It is a partnership between the US Department of Homeland Security (DHS), the US Federal Emergency Management Agency (FEMA) and the private sector, and enables private entities to receive emergency preparedness…

read more

With a little help from my friends

Body: I recently came across a notice that an Israeli-based immigration agency had published an Internet vilification on their customer-directed wall. The agency listed all the materials they possessed in an effort to show that this attack was triggered by a competitive agency. Their evidence included court protocols, apology letters…

read more

10 privacy resolutions for 2013

Body: With the rise of big data come big challenges, including how to deal with increasingly challenging privacy issues. To help protect information, which has become the currency of the 21st century, here are10 resolutions for your enterprise to adopt in 2013: 1.     Assign someone to be responsible for your…

read more