Our inaugural Fraud Summit on Oct. 22 at the Meadowlands in New Jersey will feature an impressive lineup of information security leaders offering timely insights about practical risk mitigation strategies.
Vermont's $30,000 settlement with a breached retailer proves states can play an important role in holding retailers more accountable for losses associated with card fraud, and issuers should take notice, one banker says.
Regulators need to do a better job of notifying banks promptly when they find severe security flaws at third parties, especially core banking processors. And community banks need to collaborate on assessments of third-party risks.
Banks need to ensure they continuously monitor their cloud vendors, says Troy Wunderlich of Washington Trust, a community bank in Spokane, who outlines his institution's strategy for vendor management.
In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Major agencies continue to struggle with implementing the Federal Information Security Management Act, which governs government cybersecurity, more than a decade after its enactment, according to a GAO report.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
With the prospect of a federal government shutdown, and its implications for IT security, it's worth considering what happened in Minnesota two years ago, when a similar budget squabble shuttered state operations for 20 days.
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
While some in Congress argue about whether the Department of Homeland Security has too much cybersecurity authority, recently retired leader Bruce McConnell offers his take on why the department is playing an appropriate role.