Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

Full Text of Final Guidance

Tarik Saleh, DomainTools

Malware Analysis for Blue Teams

Information Security Media Group • October 31, 2018

At a time when security professionals are faced not only with a barrage of threats, but with a myriad of threat intelligence data sources, it can be challenging to know when to stop an investigation. Join DomainTools Senior Security Engineer Tarik Saleh to learn essential methodologies from a blue team perspective.

Cloud Security

Digital Transformation Puts Tremendous Pressure on IT Security; A CISO Perspective

Bring Your Own Device (BYOD)

CISO Panel Webinar: Reducing the Cyber Exposure Gap from Cloud to Containers

Latest

Cybersecurity

Modern Identity and Access Management: How to Build Trust without Sacrificing Security

Tom Field • August 23, 2018

Tom Field and Naresh Persaud of CA Technologies reflect on key findings from their recent Executive Roundtable on Modern IAM.

Cybersecurity

The Road to Business-Driven Security

Information Security Media Group • August 22, 2018

Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on business-driven security.

Anti-Fraud

Disrupting the Economics of Cybercrime

Nick Flont • August 21, 2018

Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?

Application Security

Mobile/Web App Security: How Do You Know it's Working?

August 14, 2018

Nick Holland and Chris Mizell of Arxan Technologies reflect on key findings from their recent Executive Roundtable on mobile security

Cybersecurity

Threat Hunting: How to Evolve Your Incident Response

Information Security Media Group • July 25, 2018

Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on threat hunting,

Cybersecurity

Threat Hunting: How to Evolve Your Incident Response

Tom Field • June 25, 2018

Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on threat hunting,

Cybersecurity

How to Use the NIST Cybersecurity Framework

Josh Mayfield • June 8, 2018

By focusing on the cybersecurity actions, NIST CSF can be flexibly deployed regardless of the setting or industry.

Compliance

Procrastinators' Guide to GDPR Compliance

Mark McGlenn • May 21, 2018

If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.

Cybersecurity

A New Way to Handle Cyber Claims

Information Security Media Group • May 11, 2018

Eduard Goodman, global privacy officer of CyberScout, doesn't like the disorganized way most cyber incidents are handled now. Instead, he would like to see a more project management approach. Here are the benefits he foresees.

Anti-Malware

What GDPR Means for Cybersecurity

Information Security Media Group • May 4, 2018

We all know about May 25 and the enforcement deadline for Europe's General Data Protection Regulation. But what impact will GDPR have on cybersecurity programs? Danny Rogers of Terbium Labs weighs in on the topic.

Endpoint Security

Axonius: A New Approach to Device Management

Tom Field • May 2, 2018

At a time when so many new devices are connected to enterprise networks, security leaders struggle just to inventory the devices - never mind secure them. Nathan Burke, CMO of Axonius, a new device management vendor, discusses the niche Axonius fills.

Next-Generation Technologies & Secure Development

LogicHub: Automating SOC Intel

Tom Field • May 2, 2018

Monica Jain has a lot of experience in security operations centers, and she knows much of the tribal knowledge there is not automated or shared. That's why she co-founded LogicHub, a new intelligence automation platform.