Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
An estimated 650,000 customers have recently switched from big banks to community banks and credit unions. But are these smaller institutions prepared for the new demand for security and fraud prevention?
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
In Aberdeen's research, "Managing Vulnerabilities and Threats: No, Anti-Virus is Not Enough" (December 2010), we saw that companies perceive malware as both high-incidence and high-risk, and that they are spending a material amount of money on their vulnerability management initiatives. But further analysis shows that...
When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.
Software applications are the lifeblood of every organization, and today's #1 IT security threat is vulnerabilities in these applications. Complexity, interconnection and criticality of source code have resulted in a dangerous proliferation of vulnerabilities and risks.
Register for this session to learn:
The rising trend of smartphone usage across the financial services industry is causing concern amongst IT departments struggling to manage policy, security and support. Such challenges can be trumped using effective mobile device management software. Good for Enterprise(TM) allows businesses to access and protect data...
The Fed's ruling on interchange, mandated by the Durbin amendment, offers financial incentives for fraud-prevention investments and could fuel a U.S. move toward new card-payment technologies, like EMV.
People's view of cybersecurity will need to broaden over the next few years, says IT expert Robert Brammer. That's why a consortium has been established to conduct research on the security of computer systems, as well as other areas where computerization has excelled.
The Fed's ruling on interchange cuts mandated by the Durbin Amendment will aid fraud prevention and could accelerate a move to chip-based payments, says Randy Vanderhoof, director of the Smart Card Alliance.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.