Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
Although businesses understand the benefits of sharing cyber-threat information with law enforcement, they often let perceived legal constraints prevent them from collaborating, says Mary Galligan, a former FBI investigator.
Jeh Johnson, at his confirmation hearing to be the next Homeland Security secretary, pledges to fix internal cybersecurity problems at DHS before seeking further authority to have the department help other agencies get their IT security houses in order.
One key provision of Article 4A of the Uniform Commercial Code, which deals with reasonable security measures for banks, needs to be dropped, contends attorney Dan Mitchell, who represented PATCO Construction in an account takeover dispute.
A new set of patent infringement suits is targeting payment card networks, payment processors and e-commerce sites. Meanwhile, the American Bankers Association has endorsed pending federal legislation designed to help curb these legal actions.
Shoring up mobile security gaps should be a top 2014 priority for financial institutions, says Gartner analyst Anton Chuvakin, who contends many other security issues, including managing cloud vendors and other third parties, aren't so urgent.
Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.
As efforts to fix technical glitches on the HealthCare.gov website for Obamacare continue, taking steps to ensure security should be a top priority. Otherwise, efforts to build trust in the system will fail.
Do you know how many government agencies or, for that matter, critical infrastructure operations that have been attacked online? Neither does Congress. But some senators have introduced legislation to find out.