On the record, security experts talk about the improvements banking institutions have made in DDoS defense, and there's no doubt they have made major improvements. Off the record, they are less optimistic.
Authenticating appropriate network administrators and employees has become increasingly challenging, especially for healthcare organizations and regional banking institutions, says Tim Ager of Celestix.
Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
DDoS attacks on U.S. banks and credit unions have resumed, just as industry experts predicted. Security specialist Bill Stewart says this wave is yet another sign that institutions must bolster defenses.
In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
Intelligence is helping organizations not only detect and prevent intrusions, says Mark Wood of Dell SecureWorks. It's also helping them identify they've been targeted for an attack in the first place.