Now that both the FBI and the FFIEC have issued alerts calling attention to the risks associated with interbank messaging and wholesale payments in the wake of SWIFT-related heists, U.S. institutions should brace for more regulatory scrutiny of bank-to-bank payments, financial fraud experts say.
The FFIEC has released detailed security guidance for mobile banking and payments that its examiners will now use in their assessments of financial institutions. Banking security experts offer a critique.
Threat response is a lot like physical fitness. Enterprises know what they need to do - they often just opt not to do it. RSA's Rashmi Knowles offers advice for how to move from threat prevention to response.
At a time when fraud schemes are evolving and anti-fraud solutions are in high demand, it's also time for organizations to ensure their security controls are both effective and convenient. T. Kendall Hunt, CEO of VASCO Data Security, tells how in this video interview.
The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
In response to banking institutions' requests for clarification of the Cybersecurity Assessment Tool, the Federal Financial Institutions Examination Council is taking a preliminary step that could lead to refinements.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
Fraudsters break into your network by phishing for access in increasingly sophisticated ways. Anthony Giandomenico of Fortinet describes the importance of tracing every step in the attack lifecycle when devising an effective security strategy.
How do you effectively secure healthcare networks when so many devices access them? Deena Thomchick of Fortinet discusses the unique challenges faced by healthcare leaders required to guard against incursion, both by outside hackers and insiders.
In an age of ubiquitous information sharing, it is critical to control how information is presented - and to whom. Lynne Courts of Seclore discusses new security strategies and solutions that address this need.