How will federal banking regulators respond to growing criticism of the FFIEC's Cybersecurity Assessment Tool? A new FDIC publication leads some experts to believe no new guidance is forthcoming. Here's why.
Securing sensitive emails isn't just a best practice - it's often the law. Compliance with
regulations is a priority for healthcare, financial services and government organizations; it may
also need to be a priority for companies that work with these organizations or practice business
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
BankInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way banking institutions and financial services companies approach information security.
The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details.
A Missouri-based escrow firm is considering taking its fraud case all the way to the Supreme Court now that an appellate court has denied a request to have its case involving a $440,000 account takeover loss reheard.
In 2011, the FFIEC issued guidance requiring financial institutions to beef up their online authentication and fraud prevention efforts. Yet today, account takeover is more rampant than ever. Professional cybercrime crews easily circumvent common anti-fraud measures to steal millions from banks and credit...
Choice Escrow is seeking a bench review of a recent appellate court ruling, which favored its former bank in an ACH fraud dispute. The firm argues the court set a bad precedent for future disputes by limiting Uniform Commercial Code protections.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
The most recent Federal Financial Institutions Examination Council (FFIEC) supplement states that "...controls implemented in conformance with the guidance several years ago [the 2005 original guidance] have become less effective," and clarifies that "...malware can compromise some of the most robust online security...
Fraud Summit - San Francisco 2014 - It has been nearly three years since the FFIEC issued updated guidance aimed in part at curtailing incidents of corporate account takeover. Yet, banking/security leaders today say their current anti-fraud investments have done little to reduce fraud incidents or losses. Register for...
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
A DDoS attack against Ellie Mae, which provides technologies to mortgage originators, comes just as banking regulators issue a reminder about the risks associated with such attacks. Experts offer risk mitigation insights.