Greg Rattray, VP of Security at BITS, says we can't necessarily stop the spread of dangerous malware like Zeus, but banking institutions can do a better job of mitigating the risk and damage that follow such an attack.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
"I'd like to make sure our recommendations fit with what the FFIEC is recommending, to continue to help us mitigate risk," says Michael J. Wyffels, SVP and CTO of QCR Holdings Inc. "But the hackers seem to continue to find new ways to exploit vulnerabilities."
Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
For nearly two years, banks and businesses across the U.S. have been plagued by a wave of corporate account takeover. And while there's no one answer, Texas bank examiner Phillip Hinkle sees ways that institutions can better detect and prevent these crimes.
Payment card fraud. ACH and wire transfers. ATM skimming. And especially insider crimes. These are among today's top information security threats to institutions, says banking regulator Gigi Hyland in an exclusive interview.
As emerging technologies such as cloud computing and mobile banking become the norm, the FDIC's Donald Saxinger says vendor management programs must specifically address the outside risks posed by working with non-traditional financial services providers.