Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
For Will Pelgrin, the former New York State chief information security officer, mobile devices, insiders and old infrastructure represent the major challenges local and state governments face in in securing information technology.
Fraud, risk management emerging technologies -- these issues know no boundaries. That's why we're launching a series of new international BankInfoSecurity sites to draw proper attention to local issues that impact the global banking industry.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Banking/security leaders aren't crazy about banking regulators telling them they could have done a better job detecting ACH fraud, and they're eager for more specific guidance on what to do going forward.
Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
Once a CEO understands the value and risks catered through mobile functionality, it is easier to discuss mobile innovations, policy and how the company can then strike a balance to meet customer and employee requirements.
The survey of local, state and federal IT security practitioners also shows a lack of faith in secure cloud computing. Half see insider threats and poor practices as their agencies' greatest vulnerabilities.
Consumer fraud trends suggest banking institutions will lead the fight against ID fraud, and international regulators are taking closer looks cross-border payments and money laundering.
"I'm not sure there is a way to protect a customer if their actions put their network at risk," says the president of a bank victimized by corporate account takeover.
Cyberthreats stem from the malware, but monetary losses stem from money mules. I've decided to coin a new term: eFraud. I cannot think of a better way to describe the wave of fraud incidents the financial industry is facing. It's electronic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
