IT security expert Francoise Gilbert says the FFIEC's new resource document on cloud computing understates the risks all banking institutions should consider. What areas is she most concerned about?
A lingering legal dispute over a corporate account takeover incident at escrow company Village View has finally come to a close. Find out more about the details of the case and the settlement.
Dollars lost of fraud are one measure of an incident's impact. But the "soft" costs - loss of reputation and productivity - are the ones that most get the attention of Terry Austin of Guardian Analytics.
Too many banks and credit unions are being narrow-minded in their approaches to FFIEC Authentication Guidance conformance, by focusing on commercial accounts and neglecting retail accounts, one ACH fraud attorney says.
The FFIEC Authentication Guidance update has been in circulation since mid-2011. But as banking examiners begin testing for conformance, we find:
Only 11% of surveyed institutions have come into conformance since the guidance was issued;
Nearly 30% don't fully understand the guidance;
88% do not believe the...
Unmistakably, the release of the FFIEC supplement was the result of an increasingly hostile online banking environment created by the introduction of advanced malware. To effectively comply with FFIEC guidelines, financial organizations need to select a solution that is able to provide real-time threat intelligence...
In the PATCO Construction fraud case, attorney David Navetta says the court failed to address two key concerns: reasonable security and good faith. What's next in PATCO's ongoing legal battle?
From mobile malware to the Anonymous hacktivist attacks, how can banking institutions tackle the changing threat landscape? Joe Rogalski of First Niagara Bank has some new ideas.
From smart phones to tablets, laptops to USB devices, consumer technologies are ubiquitous in the workplace - and so is the 'bring-your-own-device' (BYOD) practice of allowing employees to conduct work on their own personal electronics.
But how do these consumer technologies change organizations' approaches to...
Regulators have hinted at it, and industry experts say it's coming. U.S. banking institutions can expect to see new guidance for mobile banking. The open questions are: When, and in what form?
It's been more than 10 years since enactment of the Gramm-Leach-Bliley Act (GLBA). But the fundamental security tenets of GLBA are just as relevant today - especially as banking institutions look to conform to the recently released FFIEC supplement, "Authentication in an Internet Banking Environment."
Join banking...
Risk assessments are over. Now it's time for institutions to prove they conform to the FFIEC's Authentication Guidance. Fraud expert George Tubin offers tips to prepare for the first regulatory exam.
What steps can smaller organizations and their vendors take to ensure security and regulatory compliance? They must transcend what researcher Wendy Nather calls the 'Security Poverty Line.' See how.
When it comes to employee-owned mobile devices, many organizations want to run away from the security risks of the bring-your-own-device-to-work trend. Intel chose to run toward them.
In an exclusive case study, Intel CISO Malcolm Harkins details the security challenges and business opportunities of BYOD. And he...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.