The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.
Cybersecurity risks posed by inadequate IAM and IT asset management are mounting. Now the National Cybersecurity Center of Excellence has drafted guidance to address banking institutions' unique risks, says Nate Lesser, the center's deputy director.
The final version of the FFIEC's guidance on social media use clarifies how banks should assess consumer and third-party risks. But suggested controls for employee risks are still missing.
A Senate committee will soon consider a patent reform measure that is less aggressive than a recently approved House bill designed to help stem the tide of patent infringement lawsuits that sometimes target security technologies.
Call center fraud is one of the leading threats that financial institutions will battle next year because fraudsters consider the centers to be an easy target. But what can be done to mitigate this threat?
While U.S. payments networks and card issuers are planning to transition to EMV cards, Gartner analyst Anton Chuvakin says they could be wasting their time. It may be too late for this chip technology in the U.S.
As U.S. banking institutions make the EMV migration, fraud will migrate from payments cards to areas such as check and first-party fraud, says Fiserv's Mike Urban. How must institutions prepare?
In the wake of a surge of lawsuits, bipartisan Congressional support is building for a measure designed to help protect banking institutions from frivolous patent infringement claims, says NAFCU's Brad Thaler.
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?
The financial services industry will make wider use of data analytics next year as the value of leveraging big data to help prevent or detect fraud becomes more clear, experts predict.
Wayne Dunn, CTO of HarborOne Bank in New England, says improving vendor management is a top security priority for institutions in 2014. As more core banking functions are outsourced, due diligence becomes increasingly critical.
Federal investigators announced five more arrests this week in connection with a $45 million ATM cash-out and prepaid card fraud scheme. Learn why experts expect these types of crimes to become even more common.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.