As banks and credit unions assess online risk, in light of the updated guidance from the FFIEC, financial fraud analyst Tom Wills says they should consider mobile as a viable layer for out-of-band authentication.
"The more that you could focus in on computer science topics, to understand programming, network-based technology and mobile-based technology, the better off you're going to be," says Rob Lee of SANS Institute.
The National Credit Union Administration shares some thoughts about emerging online security threats - threats it expects credit unions to address as they work to comply with the updated online authentication guidance issued by Federal Financial Institutions Examination Council.
A new twist in the ongoing online security battle between banks and their commercial customers was reported this week after a corporate account in Omaha, Neb., was hit with thousands in fraudulent ACH transactions.
This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
"Organized crime sees that this is a good business to come in, exploit and take advantage of the loopholes," says L.T. Lafferty, criminal defense attorney and mortgage fraud expert, on the schemes that cost banks billions each year.
With the extension of ENISA's mandate into 2013 by the European Parliament & Council, the agency can continue to educate and collaborate with other nations on cybersecurity issues, an area of constant importance.
"If left unaddressed," GAO says, "these issues will continue to increase FDIC's risk that its sensitive and financial information will be subject to unauthorized disclosure, modification or destruction."
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.