Payment card fraud is a reality the industry is learning to deal with, through stronger analytical tools and transaction monitoring, financial experts says.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
Bankers aren't waiting for the FFIEC to act on the release of its updated online authentication. Instead, they've already begun to comply with the major points recommended in the draft. And the death of Osama bin Laden has heightened concerns terrorists' efforts to launder money through legitimate banking channels.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.
"Our security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect the intrusion quickly, all perhaps by design," Sony Computer Entertainment America Chairman Kazuo Hirai said in a letter to Congress.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Intel CISO Malcolm Harkins says the Sony PlayStation breach reminds CISOs in all sectors that such incidents can't be avoided, but their risks can be managed.
Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
It's been over three months since the accidental disclosure. When will the final FFIEC authentication update be released? "I don't think we're any less safe," says Gartner's Avivah Litan. "We just need to step up enforcements."
Gigi Hyland, board member of the National Credit Union Administration, says the latest draft of authentication guidance is awaiting final signoff from just one member agency of the Federal Financial Institutions Examination Council.
Most furloughed federal employees would have had to turn in their BlackBerries and other mobile devices in a U.S. government shutdown. Just as well, using the technology could have resulted in an employee landing in the slammer.
The Epsilon e-mail breach has opened the door for what experts fear could be 'massive spear phishing attacks.' Here are 7 security tips to help organizations protect themselves and their customers.
Defining essential federal information systems to keep operating during a partial government shutdown could prove more complex than defining essential federal workers not to furlough.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.