An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.
Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
Face-to-face and over-the-phone social-engineering schemes are increasingly used to perpetrate fraud, highlighting the need for more education and real-time transaction monitoring, says Gartner's Avivah Litan.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."
Anonymous says its OpUSA attack planned for May 7 aims to 'wipe' government and banking websites from the Internet. Security experts say the threat is real, but are U.S. organizations taking it seriously?
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
Hacktivists' phase 3 DDoS attacks against U.S. financial services firms have entered their eighth week, and FS-ISAC spokesman Greg Garcia says concerns are mounting that a criminal element to the attacks could emerge.
American Express confirms it was hit this week by a distributed-denial-of-service attack. The hacktivist group that has targeted banks in recent months claims credit for this latest high-profile attack.
On the record, security experts talk about the improvements banking institutions have made in DDoS defense, and there's no doubt they have made major improvements. Off the record, they are less optimistic.