The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
BankInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way banking institutions and financial services companies approach information security.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.
Soon, ongoing and persistent attacks waged for cyber-espionage and the compromise of personal and corporate information will be primary concerns for the financial services industry.
It's no surprise that virus-wielding hackers are exploiting Internet of Things devices. Blame too many device manufacturers rushing products to market, skimping on secure development practices and failing to audit the third-party code they use.
While several experts say two new cyberthreat alerts from the FFIEC are primarily designed to make sure that smaller institutions are mitigating ongoing threats, Shirley Inscoe of Aite says they could also be an indicator of new threats on the horizon.
The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details.
In the wake of an "inebriated" government employee crashing a drone on the White House lawn, federal officials sound warnings over the potential weaponization of consumer drones. But is it anything more than a Hollywood-style movie plot?
Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
A Tennessee utility has sued its bank after a $327,000 account takeover incident. This new case shows why institutions must go above and beyond when it comes to detecting and thwarting fraud losses.
No question, the information security community - and all of us at ISMG -- lost a friend with the untimely death of Terry Austin, CEO and President of Guardian Analytics.
What's the main lesson community banks are learning from the FFIEC's cybersecurity pilot exams? That regulators want them to prove they understand emerging threats, says Booz Allen's Jeff Lunglhofer.
A Missouri-based escrow firm is considering taking its fraud case all the way to the Supreme Court now that an appellate court has denied a request to have its case involving a $440,000 account takeover loss reheard.
Choice Escrow is seeking a bench review of a recent appellate court ruling, which favored its former bank in an ACH fraud dispute. The firm argues the court set a bad precedent for future disputes by limiting Uniform Commercial Code protections.
FFIEC guidance and case law are helping banks define what constitutes "reasonable security." In a panel discussion, three experts debate the long-term impact of two recent account takeover fraud cases.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
