In 2014, the FFIEC released the Joint Statement "Distributed Denial-of-Service (DDoS) Cyber-Attacks, Risk Mitigatio, and Additional Resources." This session will review the six primary guidelines provided within the statement, assess the evolution(s) that have occurred in the threat landscape since its release and...
High-pressure. Fast-paced. Threats coming from all directions. The battle against payment fraud isn't unlike the game of basketball. Wire fraud and ACH fraud are on the rise, and financial institutions cannot be slow on the defense - to win, they must detect fraud in real-time.
Banking channels through which...
Easy Solutions' Ricardo Villadiego addresses how the digital revolution, millennials and the widespread use of online communications affect financial fraud.
In this transcript from his video interview at RSA Conference 2017, Villadiego:
Explains why banks are not proactive when it comes to fraud protection;...
Securing sensitive emails isn't just a best practice - it's often the law. Compliance with
regulations is a priority for healthcare, financial services and government organizations; it may
also need to be a priority for companies that work with these organizations or practice business
in specific...
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
Soon, ongoing and persistent attacks waged for cyber-espionage and the compromise of personal and corporate information will be primary concerns for the financial services industry.
The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details.
Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
A Tennessee utility has sued its bank after a $327,000 account takeover incident. This new case shows why institutions must go above and beyond when it comes to detecting and thwarting fraud losses.
No question, the information security community - and all of us at ISMG -- lost a friend with the untimely death of Terry Austin, CEO and President of Guardian Analytics.
What's the main lesson community banks are learning from the FFIEC's cybersecurity pilot exams? That regulators want them to prove they understand emerging threats, says Booz Allen's Jeff Lunglhofer.
A Missouri-based escrow firm is considering taking its fraud case all the way to the Supreme Court now that an appellate court has denied a request to have its case involving a $440,000 account takeover loss reheard.
Choice Escrow is seeking a bench review of a recent appellate court ruling, which favored its former bank in an ACH fraud dispute. The firm argues the court set a bad precedent for future disputes by limiting Uniform Commercial Code protections.
FFIEC guidance and case law are helping banks define what constitutes "reasonable security." In a panel discussion, three experts debate the long-term impact of two recent account takeover fraud cases.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
