The Framework for Improving Critical Infrastructure (commonly known as the Cybersecurity Framework) was released by NIST in April 2014. In April 2018, NIST released update v1.1 of the Framework to enhance and clarify the Cybersecurity Framework based on comments from across all industry sectors.
This session...
Each year at RSA Conference, SANS Institute provides the authoritative summary of the most dangerous new attack techniques. Their 2019 list included accurate predictions of smartphone attacks, DNS manipulation, domain fronting, cloud-on-cloud attacks and CPU flaws.
Learn more about their 2019 list, see new data about...
As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security. And a good start is by ensuring privileged access management is a key...
The EU's second Payments Services Directive is alive and well. And although PSD2's Regulatory Technical Standards have technically been in place since September of this year, they won't actually be actively enforced or supervised for roughly one year. But where are financial institutions now re: compliance and...
Is automation making more promises than it can keep?
Automation is still on the upward hype-cycle, according to Garner's 2019 Hype Cycle for Threat-Facing Technologies, which means that security teams too often expect stellar results from automation solutions with little expert oversight. The reality is the...
11 Best Practices to Minimize Risk and Protect Your Data
By now, we are all too aware of the consequences of a data breach:
Brand damage
Loss of customer confidence
Potentially costly litigation
Regulatory fines
However, most organizations are not as familiar with how to prevent these attacks. They still spend...
Uncover six security issues that can ruin any CISO's day, and learn how to prevent them.
CISO Alex is having a very bad day. His company's new app has critical vulnerabilities - a lot of them - and Alex has to get them all fixed before the app debuts at the launch party tonight. Can he beat the clock - and the...
Every chief information security officer (CISO) is unique. They each have varying modes of operation that are influenced by long and distinguished careers. To understand CISO strategies and approaches, we decided to conduct a study. We gathered data in a series of extended in-person interviews with 25 CISOs with the...
Numerous regulations and standards have been introduced globally to help curtail online fraud. What makes EMV 3-D Secure (also sometimes referred to as 3-D Secure 2.0) stand out? The big differentiator with EMV 3DS in emerging regulations and standards is that it's tied to law - not just recommendations.
Dowload...
Securing user accounts from both bots and human attackers has become one of the most fundamental challenges of delivering modern applications and services. Attackers continuously develop ever more sophisticated techniques for taking over user accounts.
Aggressive security policies lead to false positives and...
The insurance industry has a significant fraud problem. Whether targeting the insurance carrier, broker or policyholder, scams are a large financial burden for all stakeholders.
Insurance firms must take deliberate steps to implement a comprehensive customer authentication and fraud prevention strategy.
In this...
Your machine data has a record of all of the activity that takes place across your infrastructure. It's become the single most valuable asset in the enterprise, as the secrets to business optimization lie within the scores of microtransactions, including the ability to detect, investigate and respond to threats. And...
Now more than ever, chief information security officers (CISOs) are expected to weigh in on board-level decisions. In an increasingly competitive landscape, business acumen has become just as important as technical know-how, and executives rely on the CISO to map security programs to business objectives to promote...
From there to here, from here to there, types of fraud
are everywhere.
Fraud is responsible for billions of dollars of loss every year and accounts for 85 percent of all security breaches - and it can all start with a phishing email from a friendly prince, otherwise known as a 419 fraud.
In this children's book,...
An ever expanding attack surface, compounded by myriad connected devices is setting the stage for a whole new era of fraud in the financial services industry. Fraudsters continue to exploit the troves of PII available on the dark web to create fake credentials, with botnets and automated attacks providing fraudsters...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
