Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
"It's interesting to see regulators putting the onus on the financial companies for fraud that occurs after the theft has already happened," says David Navetta, co-chairman of the American Bar Association's Information Security Committee.
Describing it as the capstone publication of a partnership with the defense and intelligence communities, NIST publishes new guidance on managing security risk associated with the operation and use of IT systems.
A preliminary draft of new authentication guidance puts greater responsibility on financial institutions, and the ACH/wire fraud case between Experi-Metal Inc. and Comerica Bank marks the first major corporate account takeover incident to hit a courtroom.
A preliminary draft of new online authentication guidance from the Federal Financial Institutions Examination Council puts greater responsibility on the shoulders of financial institutions to enhance security.
Executives deal with risk all of the time, except that is, information technology risk. For many non-IT leaders in government and business, IT risk is outside their comfort zone. Oregon CISO Theresa Masse wants to change that.
Cyber criminals typically will move on to a target that is much less secure but those behind advanced persistent threats will spend months if not years trying to penetrate an IT system until they succeed, says Dmitri Alperovitch, McAfee Labs threat research vice president.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.