With many questions left unanswered regarding comprehensive cybersecurity legislation, the future seems bleak. But there's hope, says Jacob Olcott, a former top Capitol Hill staffer on cybersecurity matters.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Despite the FFIEC authentication guidance and the growth of online fraud, financial institutions still rely on outdated practices that expose customers to risk. How can institutions update their security measures?
In their efforts to conform with the FFIEC authentication guidance, many financial institutions are caught off-guard by the overall cost of enhanced detection and authentication for online banking. Why?
The FFIEC Authentication Guidance has resulted in a cottage industry of anomaly detection solutions. But look carefully before you buy - separate myth from reality - says Terry Austin, CEO of Guardian Analytics.
Another myth is that it's easy to do the math and spot the anomalies. But, in fact, this process...
A wave of security breaches serves as a catalyst for all types of organizations to assess the need for cyber insurance. Here's the story of one institution that saw the threat and took out a $10 million policy.
Two years after his business was a victim of ACH fraud, PATCO's Mark Patterson doubts whether most small business owners are yet aware of the risks they face. And he doesn't think the FFIEC guidance will help.
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.