Securing sensitive emails isn't just a best practice - it's often the law. Compliance with
regulations is a priority for healthcare, financial services and government organizations; it may
also need to be a priority for companies that work with these organizations or practice business
in specific...
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
Soon, ongoing and persistent attacks waged for cyber-espionage and the compromise of personal and corporate information will be primary concerns for the financial services industry.
The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details.
Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
A Tennessee utility has sued its bank after a $327,000 account takeover incident. This new case shows why institutions must go above and beyond when it comes to detecting and thwarting fraud losses.
No question, the information security community - and all of us at ISMG -- lost a friend with the untimely death of Terry Austin, CEO and President of Guardian Analytics.
What's the main lesson community banks are learning from the FFIEC's cybersecurity pilot exams? That regulators want them to prove they understand emerging threats, says Booz Allen's Jeff Lunglhofer.
A Missouri-based escrow firm is considering taking its fraud case all the way to the Supreme Court now that an appellate court has denied a request to have its case involving a $440,000 account takeover loss reheard.
Choice Escrow is seeking a bench review of a recent appellate court ruling, which favored its former bank in an ACH fraud dispute. The firm argues the court set a bad precedent for future disputes by limiting Uniform Commercial Code protections.
FFIEC guidance and case law are helping banks define what constitutes "reasonable security." In a panel discussion, three experts debate the long-term impact of two recent account takeover fraud cases.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
The most recent Federal Financial Institutions Examination Council (FFIEC) supplement states that "...controls implemented in conformance with the guidance several years ago [the 2005 original guidance] have become less effective," and clarifies that "...malware can compromise some of the most robust online security...
A bank's $350,000 settlement with a California oil company should serve as a reminder that reasonable security measures offered by banks are increasingly critical to the outcome of account takeover disputes.
Because most online banking customers are active social media users, banking institutions should leverage social media in their fraud awareness campaigns, says David Pollino of Bank of the West, who's a featured speaker at the May 14 Fraud Summit Chicago.
