Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
In response to nation-state attackers targeting its account users, Google reportedly is planning to offer stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
In the age of ubiquitous mobility, customers' expectations have evolved - and so must an organization's approach to authentication and transaction security, says Will LaSala of VASCO Data Security.
At a time when fraud is attempted across multiple channels and customers still demand a frictionless digital experience, Kevin Donovan of Biocatch makes the case for organizations to embrace the tenets of continuous authentication.
A report on advances in authentication to secure a cashless economy leads the latest edition of the ISMG Security Report. Also, we analyze the record-shattering Anthem data breach settlement.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Multifactor authentication is essential to securing mobile payments as part of a multilayered defense, says Michael Lynch of Inauth, who explains a fraud-fighting strategy.
As the success of the WannaCry attacks, which impacted 150 countries worldwide, demonstrates, rapid development cycles make it difficult for organizations to mount effective defenses.
A ransomware attack on a provider of oxygen therapy has resulted in the second largest health data breach posted on the HHS tally so far this year. It's the largest ransomware-related incident listed on the "wall of shame."
Members of Parliament in Britain have had their remote email access suspended following an apparent brute-force hack attempt aimed at exploiting weak passwords to gain access to their accounts. Officials say fewer than 90 email accounts appear to have been breached.
It's easy to draw a direct link between high-profile breaches and the compromise of user credentials. But it requires a phased approach to actually improve privileged access management, says Barak Feldman of CyberArk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.