As recent incidents at Citi and BofA reinforce, most banking institutions, from large to small, have done a poor job of keeping up with inside jobs and internal threats.
RSA customers who feel victimized by last March's breach of the security vendor's computers have viable options that include continued use of the SecurID authentication tokens, those offered by competitors, or something entirely different: biometrics.
Despite increased incidents, major U.S. card issuers receive poor marks for card fraud prevention, according to a new study from Javelin Strategy & Research. The biggest area of concern: card-not-present fraud.
New mobile technology is behind a growing public concern about Internet security, says former Transportation Security Administration CISO Patricia Titus, who now holds the same post at Unisys.
"Any other bank could have just as easily been victimized," says banking fraud expert Shirley Inscoe, following the arrest of a former Citigroup executive charged with embezzling more than $19 million.
Eddie Schwartz, the new - and first - chief security officer of RSA, says the IT security provider hit by a sophisticated advanced-persistent-threat attack in March is focusing internal security on efforts to reduce the time an intruder can go undetected.
The database has become the main target for hackers and negligent insiders, as the insider breach at Bank of America showed. A recent survey highlights the need for financial institutions to enhance security measures to mitigate threats and losses.
We all know, as a result of recent breaches, Sony is in the market for a security leader. I reached out to some hiring managers and asked them: What would you look for in Sony's first CISO?
Leigh Williams says preventing online data breaches requires cooperation within the online ecosystem from domestic and international organizations. Spearheading and maintaining that cooperation requires federal oversight, he contends.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
The announcement of LulzSec's disbandment comes within a week of the arrest of Ryan Leary,on charges of hacking a British law enforcement system. LulzSec in a posting said Leary had ties to the group.
"It's not enough to know the architecture of the breach system," says Michael Aisenberg of MITRE Corp. "Leaders have to understand the different jurisdiction of where they do business, where their customers are and which breach law applies."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.