FFIEC guidance and case law are helping banks define what constitutes "reasonable security." In a panel discussion, three experts debate the long-term impact of two recent account takeover fraud cases.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
The most recent Federal Financial Institutions Examination Council (FFIEC) supplement states that "...controls implemented in conformance with the guidance several years ago [the 2005 original guidance] have become less effective," and clarifies that "...malware can compromise some of the most robust online security...
A bank's $350,000 settlement with a California oil company should serve as a reminder that reasonable security measures offered by banks are increasingly critical to the outcome of account takeover disputes.
Because most online banking customers are active social media users, banking institutions should leverage social media in their fraud awareness campaigns, says David Pollino of Bank of the West, who's a featured speaker at the May 14 Fraud Summit Chicago.
Fraud Summit - San Francisco 2014 - It has been nearly three years since the FFIEC issued updated guidance aimed in part at curtailing incidents of corporate account takeover. Yet, banking/security leaders today say their current anti-fraud investments have done little to reduce fraud incidents or losses. Register for...
A DDoS attack against Ellie Mae, which provides technologies to mortgage originators, comes just as banking regulators issue a reminder about the risks associated with such attacks. Experts offer risk mitigation insights.
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
The final version of the FFIEC's guidance on social media use clarifies how banks should assess consumer and third-party risks. But suggested controls for employee risks are still missing.
Banks need to ensure they continuously monitor their cloud vendors, says Troy Wunderlich of Washington Trust, a community bank in Spokane, who outlines his institution's strategy for vendor management.
The Consumer Financial Protection Bureau is the newest member of the FFIEC. So what does this additional regulatory oversight mean for U.S. financial institutions and how they prepare for future exams?
So-called patent trolling is getting attention from banking leaders and the White House. As patent attorney James Denaro points out: "Essentially every single financial institution is at risk of being accused of infringement."
Illinois-based bank holding company QCR decided to make a shift in its online-banking platform strategy after a risk assessment revealed security enhancements and customer experience improvements were needed.
The PATCO fraud case shows why banking institutions cannot rely on compliance to ensure security. In an RSA 2013 preview, attorney Joseph Burton discusses legal lessons from the PATCO settlement.
Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.