Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
More than 1,000 banks will test their incident response strategies by participating in a simulated cyber-attack exercise. SWACHA's Dennis Simmons says the drill, which is open to more participants, will help bolster defenses.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
Two more guilty pleas in a $200 million card fraud scheme highlight why banks need to ensure their identification verification policies are consistently applied and that customers are continually vetted and profiled.
How much of a free hand should units within an enterprise have in deciding social media policy? DHS's inspector general and acting chief privacy officer don't always see eye to eye on how the department should govern social media use.
Phishing attempts against bank employees are on the rise. How can institutions improve their defenses? Daniel Ingevaldson of Easy Solutions offers insights on how to combat advanced phishing techniques.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
In the wake of a year of attacks waged against banking institutions by Izz ad-Din al-Qassam Cyber Fighters, the FS-ISAC's Bill Nelson and the ABA's Doug Johnson say the need to regularly update DDoS preparedness is a critical lesson learned.
Ransomware attacks are rising, and a resurgence of the banking Trojan Citadel after an earlier botnet takedown is partly to blame, McAfee Labs research shows. Malware expert Ryan Sherstobitoff analyzes the implications.
As security professionals in other business sectors prepare for potential DDoS attacks, here are three important lessons they can learn from the successful defenses in the financial services industry.
Citi's settlement with two states over a breach that exposed 360,000 cards will likely set an example for other states. One expert says banking institutions will likely pay more damages when accounts are compromised.
International markets that have implemented EMV technology are seeing reductions in card fraud, but non-EMV markets are seeing dramatic upticks, says U.K.-based card fraud expert Neira Jones.
Federal indictments tied to global fraud schemes prove law enforcement is cracking down, says former federal prosecutor Kim Peretti. But increasingly these schemes are targeting smaller merchants - a worrisome trend.
Many banking institutions have done a poor job of addressing call-center fraud, says IDC analyst Jerry Silva, who offers tips on addressing the challenge of balancing customer service with security.
Operators of media sites should consider adoption of the cybersecurity framework in the aftermath of the recent domain name systems attacks aimed at The New York Times and Twitter.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.