"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
Charles Intriago says AML investments and controls need to be streamlined. And through a new association, Intriago aims to train a new kind of financial-crime specialist that is equipped to connect fraud-fighting dots.
Developing secure mobile applications is just one part of the process in creating new programs. Communicating how applications are secured is crucial in building IT security awareness among stakeholders.
Citadel, one of the latest Zeus trojan variants, is a prime example of how hackers are pairing sophistication with practical conveniences. RSA's Etay Maor explains why that combination is so threatening.
Cyberthieves are exploiting weaknesses in the U.S. payments infrastructure as an easy-to-travel avenue for access to intellectual capital, says risk consultant Bill Wansley. What can be done to stop them?
Preparing for an exam to assess FFIEC Authentication Guidance conformance can be daunting. But according to one bank's experience, it doesn't have to be. What words of advice does this institution share?
CSC's Sam Visner sees organizations, in growing numbers, thinking more intelligently about cloud computing, its security and architecture. Yet, he says, they're being very deliberate in their approach in adopting cloud computing.
More malware attacks fueled by Citadel and Reveton are getting attention from federal authorities, which say banking institutions and consumers should be on high alert. What can institutions do to mitigate emerging malware risks?