Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

Full Text of Final Guidance

How to Stop a Potential Ransomware Attack Before it Happens

Information Security Media Group • December 1, 2021

In this on-demand webinar, you’ll learn how you can get out in front of the ransomware threat to stop hackers from locking down your data in the first place.

►

Access Management

The Evolution of Bots

Latest

3rd Party Risk Management

Risk Quantification 101: Communicate Risk in Dollars and Cents

Information Security Media Group • November 9, 2021

In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.

Application Security & Online Fraud

Fraud Transformation: Balancing Business and Customer Needs

Tom Field • October 11, 2021

More than two-thirds of survey respondents say they take a balanced approach - business, customers and compliance - investing in fraud prevention technology. So, why do they also report customer friction among their top challenges? BioCatch's Raj Dasgupta analyzes the results of the new Fraud Transformation Survey.

Profiles in Leadership: Dr. Frances Undelikwo, Fidelity Bank

Suparna Goswami • October 11, 2021

Dr. Frances Undelikwo, divisional head of IT and operational risk management at Fidelity Bank in Nigeria, says she found her passion by trying out different departments and fields under information security. She discusses her career path and current role.

CISO Trainings

Analyzing the Results of the 2021 Cybersecurity Complexity Study, EU & UK

Information Security Media Group • October 8, 2021

In this exclusive interview, Martin Cook, Senior Solutions Engineer with ReliaQuest, discusses how to reduce complexity, increase visibility and tap into new resources to enhance your own abilities to detect, investigate and respond to attacks.

Fraud Management & Cybercrime

Ransomware: A Problem of Excesses

Tom Field • September 29, 2021

You can't decrease the motivation of ransomware attackers. But you can curb their success by bolstering your own enterprise's approach to access, credentials and privileges. Morey Haber and James Maude of BeyondTrust share insights on ransomware defense.

Next-Generation Technologies & Secure Development

Cybersecurity Awareness 2021: #BeCyberSmart about Account Takeover Attackers

• November 15, 2021

Attackers are innovating constantly to try to increase their success rates as they work to evade detection and mitigation technologies in the kill chain. But the future isn’t just more and more attacks.

Next-Generation Technologies & Secure Development

Breaking Down the Cloud Firewall

• November 15, 2021

Join Akamai solution engineers Ashwini Naidu, Swagatta Dutta Choudhury, and Felix Addo for an interactive workshop as they take a deep dive and dispel myths about cloud WAF.

DDoS Protection

Rethinking Risk in the Wake of DDoS Extortion

• November 15, 2021

This webinar helps to understand the evolution of DDoS extortion, its ramifications on 2021 security postures, and the latest best practices to fight back and reduce your risk.

CISO Trainings

How To Protect Sensitive Data From Ransomware in AWS

Information Security Media Group • November 10, 2021

Watch this video to see how these controls can be easily setup and enforced.

Cryptocurrency Fraud

Keeping the US Dollar on Top as Cryptocurrency Rises

Suparna Goswami • October 29, 2021

While overregulating the cryptocurrency space is not advisable, it is important for the Biden administration to look into the areas in which cryptocurrencies pose the greatest risks, says Nichole Dennis, director and government relations specialist with Cybercrime Support Network.

Governance & Risk Management

Securing Digital Transformation for Legacy Systems

Suparna Goswami • October 1, 2021

How does one begin to secure the digital transformation journey in two legacy enterprises? Kush Sharma, principal for Sharma and Company and former CISO for the city of Toronto, shares his experience and offers advice on investing in and integrating technologies.

Digital Identity

Continuous Delivery Meets Continuous Security

Tom Field • September 29, 2021

Digital transformation and the advent of continuous delivery in software engineering has created a new demand for continuous security. This evolution requires a shift of mindset for most security teams, says Karl Mattson, CISO of Noname Security. He discusses the challenges and benefits.