NIST proposes the establishment of an independent identity ecosystem steering group, led by the private sector but working with the federal government, to help create an environment to assure the security of online transactions.
"The misfortune here for the banks is that they can have the best fraud-detection systems out there ... but it all breaks down when they call the 'hacker' to verify the transaction," says Gartner's Avivah Litan.
Consumer behavior is the biggest concern when it comes to online risks posed by social media. But Bill Wansley of Booz Allen Hamilton says financial institutions can manage those risks. What steps does he recommend?
Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.
Regulators have hinted at it, and industry experts say it's coming. U.S. banking institutions can expect to see new guidance for mobile banking. The open questions are: When, and in what form?
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
What steps can smaller organizations and their vendors take to ensure security and regulatory compliance? They must transcend what researcher Wendy Nather calls the 'Security Poverty Line.' See how.
"It's a crime like no other crime," says James Ratley, president of the ACFE, describing fraud. "There was not a gun involved, there was not a knife; there was in many cases a ballpoint pen or a computer."
Recently discovered viruses, consisting of Trojans and other malware, at City College of San Francisco have stolen personal banking information and other data from perhaps tens of thousands of students, faculty and administrators, says John Rizzo, president of the board of trustees.
Zappos.com and its parent company Amazon.com face a class action lawsuit stemming from a recent data breach that affected more than 24 million customers.
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
U.S. and European institutions can learn from DBS Bank's example. In response to a rash of fraudulent withdrawals that cost accountholders $1 million, the bank is launching a new SMS/text alert service for ATM transactions.
Cyberhackers are increasing their efforts to target online credentials. And phishing attacks waged against accountholders at Chase in the U.S. and Barclays in the U.K. have made it clear that banking accounts are the target.
Researchers say the Ramnit worm, which has defeated two-factor authentication measures used to protect bank online accounts, is now targeting Facebook - a development that should be especially concerning to banking institutions.
John Carlson sees the evolution of technology introducing new threats to financial institutions. So, how will BITS' new VP of cybersecurity and fraud prevention help banks mitigate those risks?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
