Out with the old; in with the new. It's time for security-minded organizations to invest in the power and protection of the next generation firewall, says Matt Keil of Palo Alto Networks.
In an exclusive interview about the evolving firewall, Keil discusses:
Why current firewalls are failing us?
The Federal Financial Institutions Examination Council (FFIEC) recently released a supplement to the "Authentication in an Internet Banking Environment" guidance, originally published in 2005. Within this update are "Specific Supervisory Expectations" related to an overall "General Supervisory Expectation" that...
Nessa Feddis of the ABA says increased investments in technology at the bank and consumer levels have fueled confidence in online banking. "I think the reason you see an uptick in use here is because the channel is more secure."
The Treasury Department's Office of Terrorism and Financial Intelligence has worked to prevent anti-money laundering and illegal cash flow from reaching the hands of terrorist groups, but more needs to be done to further mitigate risks, says Treasury Assistant Secretary Daniel L. Glaser.
"What banks need to be aware of is that much of this fraud is occurring on the consumer and business-customer side, and not all of them will invest in technology that catches these attacks," says Phil Blank of Javelin Strategy & Research.
Philip Reitinger's appointment as Sony's first chief information security officer comes more than four months after a massive breach of Sony's PlayStation gaming system that exposed the personal identifiable information of some 77 million customers.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
Are executives spending too much time and energy focused on external hacks, sacrificing attention they should be paying to internal threats? It's good that business leaders understand insiders pose risks, but are they taking those risks as seriously as they should?
More pressure from the FFIEC to increase online security authentication practices can be leveraged with interchange incentives being offered by the Fed for debit- fraud-prevention investments mandated by the Durbin amendment, and institutions should take advantage.
Doug Johnson of the ABA and FS-ISAC says banks and commercial customers are improving efforts to catch and thwart incidents of corporate account takeover, a sign that the industry is moving in a positive payments direction.
Many disaster-related attacks are personal and direct, perpetrated through a phone call. But some take traditional routes, such as e-mail, while more are taking emerging routes, like text messages to mobile devices.
The Finnish security provider F-Secure concludes the attack e-mail doesn't look too complicated. In fact, it's very simple. But the exploit inside Excel was a zero-day attack at the time and RSA couldn't have protected against it by patching its systems.