Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Too many organizations are spending far too much money on gathering big data that they cannot put to good use, such as for fraud prevention, says IDC analyst Jerry Silva, who stresses that investments must have strategic value.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
Spear-phishing attacks aimed at bank employees are on the rise, and community banks and credit unions are particularly vulnerable. Learn why experts say authentication is failing to address the problem.
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
More than 1,000 banks will test their incident response strategies by participating in a simulated cyber-attack exercise. SWACHA's Dennis Simmons says the drill, which is open to more participants, will help bolster defenses.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
Two more guilty pleas in a $200 million card fraud scheme highlight why banks need to ensure their identification verification policies are consistently applied and that customers are continually vetted and profiled.
Phishing attempts against bank employees are on the rise. How can institutions improve their defenses? Daniel Ingevaldson of Easy Solutions offers insights on how to combat advanced phishing techniques.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
Banks have a critical role to play in helping other industries with DDoS mitigation, as DDoS targets are expected to shift. Attacks against U.S. banks are proving increasingly ineffective because banks have enhanced their defenses.
In the wake of a year of attacks waged against banking institutions by Izz ad-Din al-Qassam Cyber Fighters, the FS-ISAC's Bill Nelson and the ABA's Doug Johnson say the need to regularly update DDoS preparedness is a critical lesson learned.
Ransomware attacks are rising, and a resurgence of the banking Trojan Citadel after an earlier botnet takedown is partly to blame, McAfee Labs research shows. Malware expert Ryan Sherstobitoff analyzes the implications.