Governments and others using cloud-based services should keep 10 security tips in mind, including making sure they can maintain control of their data if a service provider goes bankrupt, says Dimitra Liveri, co-author of a new report.
In the wake of a surge of lawsuits, bipartisan Congressional support is building for a measure designed to help protect banking institutions from frivolous patent infringement claims, says NAFCU's Brad Thaler.
ATM cash-outs and card-skimming schemes are getting more difficult to detect because today's attacks are global, coordinated and sophisticated, says ATM security expert Chuck Somers.
Wayne Dunn, CTO of HarborOne Bank in New England, says improving vendor management is a top security priority for institutions in 2014. As more core banking functions are outsourced, due diligence becomes increasingly critical.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Computer scientists at the Georgia Institute of Technology are developing new ways to apply encryption when storing or searching data in the cloud, says Paul Royal, associate director of the university's information security center.
U.S. Attorney Steve Wiggington says identity theft, especially linked to card skimming, is still the No. 1 fraud threat facing financial services institutions as well as consumers. He stresses information sharing is critical for fighting fraud.
Organizations need to know how other enterprises handle cyber-attacks to truly understand whether their IT security investments will pay off, the EastWest Institute's Karl Rauscher says.
Shoring up mobile security gaps should be a top 2014 priority for financial institutions, says Gartner analyst Anton Chuvakin, who contends many other security issues, including managing cloud vendors and other third parties, aren't so urgent.
Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.
New requirements to mitigate payment card risks posed by third parties, such as cloud providers and payment processors, are a focal point of the PCI Security Standards Council's updated data security standard.
Inadequate authentication is among the greatest security challenges for online payments, says Scott Dueweke of Booz Allen Hamilton, who suggests biometrics needs to play a bigger role.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The good news is: U.S. banks have learned valuable security lessons from defending against recent distributed-denial-of-service attacks. The bad news? DDoS has evolved into new and improved assaults.
Using "synthetic identities" to commit fraud is becoming easier, but it's increasingly difficult for organizations to detect this type of deception, says Claudel Chery of the U.S. Postal Inspection Service.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.