"If left unaddressed," GAO says, "these issues will continue to increase FDIC's risk that its sensitive and financial information will be subject to unauthorized disclosure, modification or destruction."
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.
According to FINRA, Citi's negligence in adequately supervising Tamara Moon, a former sales assistant at a Citi branch in Palo Alto, Calif., resulted in $749,978 being skimmed from the accounts of 22 Citi customers.
"There are still a lot of inexperienced people out there that are passing themselves off as experts," says Scott Laliberte, managing director of Protiviti, outlining the common challenges of penetration testing.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"I don't think there's any connection [to] the investments banks will make in fraud prevention," says Doug Johnson of the ABA. "It's not about making budget cuts; it's about protecting the customer relationship and ensuring security."
Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
As banks and credit unions work toward compliance with the FFIEC's updated online authentication guidance, they need to place their efforts and attentions on risk assessments, says Doug Johnson of the ABA.