The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.
Cybersecurity risks posed by inadequate IAM and IT asset management are mounting. Now the National Cybersecurity Center of Excellence has drafted guidance to address banking institutions' unique risks, says Nate Lesser, the center's deputy director.
Call center fraud is one of the leading threats that financial institutions will battle next year because fraudsters consider the centers to be an easy target. But what can be done to mitigate this threat?
Wayne Dunn, CTO of HarborOne Bank in New England, says improving vendor management is a top security priority for institutions in 2014. As more core banking functions are outsourced, due diligence becomes increasingly critical.
Federal investigators announced five more arrests this week in connection with a $45 million ATM cash-out and prepaid card fraud scheme. Learn why experts expect these types of crimes to become even more common.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
As efforts to fix technical glitches on the HealthCare.gov website for Obamacare continue, taking steps to ensure security should be a top priority. Otherwise, efforts to build trust in the system will fail.
The Office of the Comptroller of the Currency is the first major U.S. banking regulator to issue updated guidance on third-party risks. What are the key tenets, and what should institutions expect next?
In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Comptroller of the Currency Thomas Curry's comments in a Sept. 18 speech could be an early indication that regulators will put more pressure on banks and service providers to fill cybersecurity gaps, some observers say.