Blog

5 Concerns Every CIO and CISO Will Face in 2016: Part 2

Continuing from the previous post, here’s a look at the rest of the challenges that Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) face in 2016.

4. Reporting Lines

Consider the lines of reporting in your organization carefully. According to Jeff Spivey, international vice president of the Information Systems Audit and Control Association (ISACA), “the CISO should not report to the chief information officer.” It’s essential for the Chief Information Security Officer and team to have independence in the decisions they make, rather than having to run everything past the CIO.

(more…)

December 19, 2025
Bank of America cancels numerous debit cards

From CNET News.com…
(more…)

December 19, 2025
5 Concerns Every CIO and CISO Will Face in 2016: Part 1

In 2015, CIOs (chief information officers) and CISOs (chief information security officers) faced some serious cyber security threats, including the VTech Learning Lodge hack, which affected the data of nearly 5 million adults and 200,000 children, and the Anthem data breach, in which hackers stole 37 million customer records and passwords. With more services moving online, information security concerns show no sign of slowing down in 2016. Here are the five biggest concerns you need to consider this year.
(more…)

December 19, 2025
FFIEC Releases Guidance on Authentication in Internet Banking Environment

From the FFIEC (Web Site) Press Releases:
(more…)

December 19, 2025
Email Archiving, what’s the big deal?

It is my opinion that email archiving is about to become a requirement for all financial institutions.
(more…)

December 19, 2025
TechMecca Day #2

Hey everybody,
(more…)

December 19, 2025
Tap the break on site-authentication?

This is some interesting research that I haven’t heard before. The gist of the article is that banks considering implementing site-authentication solutions should pause to reconsider. This initial research seems to point to these methods being somewhat ineffective. This makes me curious. I wonder if information of this sort will spawn similar thinking throughout the industry. I wonder if/how regulators might react to information like this. If nothing else, its something else to keep in mind in terms of assessing risks. If your institution has a similar solution it might be a good time to make sure management has had a chance to evaluate the risk and update your risk assessment accordingly. “

December 19, 2025
Can You Tweet Securely?

The cynical 140 character or less response to the question is simple: “You don’t need to lock the outhouse door.”
(more…)

December 19, 2025
Webinars – Next Generation Compliance

Thanks to all that attending today’s webinar on ‘Next Generation Compliance’. We hope it was informative and enlightening. As promised, here is the video recording of today’s webinar. We’d love any feedback you could add on the topic today as well as other topics you’d like us to discuss more about. Feel free to mention those in the comments below. Have a great weekend everyone!
(more…)

December 19, 2025
Addressing the Human Security Vulnerability

From COMPUTERWORLD.COM
(more…)

December 19, 2025