The final version of the FFIEC's guidance on social media use clarifies how banks should assess consumer and third-party risks. But suggested controls for employee risks are still missing.
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
A new takeover scam that the FBI calls a "man-in-the-e-mail" attack has drained $1.65 million from three Seattle-area businesses' accounts. Learn what steps to take to avoid becoming the next victim.
To improve cyberthreat and cybercrime information sharing, law enforcement officials and business leaders need to develop better working relationships, says federal prosecutor Erez Liebermann.
The financial services industry will make wider use of data analytics next year as the value of leveraging big data to help prevent or detect fraud becomes more clear, experts predict.
Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
Jeh Johnson, at his confirmation hearing to be the next Homeland Security secretary, pledges to fix internal cybersecurity problems at DHS before seeking further authority to have the department help other agencies get their IT security houses in order.
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
Inadequate authentication is among the greatest security challenges for online payments, says Scott Dueweke of Booz Allen Hamilton, who suggests biometrics needs to play a bigger role.
What are the distinct phases of the fraud lifecycle, and how can banking institutions intervene at each stage to prevent losses? Daniel Ingevaldson of Easy Solutions offers fraud-fighting tips.
The good news is: U.S. banks have learned valuable security lessons from defending against recent distributed-denial-of-service attacks. The bad news? DDoS has evolved into new and improved assaults.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The Office of the Comptroller of the Currency is the first major U.S. banking regulator to issue updated guidance on third-party risks. What are the key tenets, and what should institutions expect next?
The good news is: U.S. banks have learned valuable security lessons from defending against recent distributed-denial-of-service attacks. The bad news? DDoS has evolved into new and improved assaults.
What is hostile profile takeover, and why does this emerging threat pose such a risk to smart phone users? Dave Jevans, CTO of Marble Security, describes this and other new mobile threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.