Some 200 people have reported fraudulent debit and credit transactions hitting their accounts after dining at Margarita's Mexican Restaurant in Texas. Investigators believe a third-party vendor may have been hacked.
On June 28, the FFIEC released its final, formal version of its Authentication Guidance. Not even one month later, we've created three new training programs to help banking institutions understand and conform with the guidance.
In a merger, it's important for both organizations to have strong communication and data protection processes in place, says Phil Romero, senior security architect of First Technology Federal Credit Union. His institution just led a $4.75 billion merger.
It's not enough for banking institutions to conform to the FFIEC Authentication Guidance update. They also must ensure that their key vendors meet the same standards, says Philip Alexander of Wells Fargo Bank.
Keeping data secure is the greatest challenge during any merger or acquisition, and the first critical step is figuring out which confidential information could be at risk of exposure.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
The FDIC's Donald Saxinger says vendor management programs are getting more scrutiny from regulators, especially in areas of emerging technology, such as cloud computing and mobile banking.
After one commercial customer fell victim to corporate account takeover, this institution suffered significant losses and learned that legal disputes rarely favor the bank.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
"It is the biggest breach we have ever seen; and to say no financial information has been stolen is, well, understating the massive breach and concern," says Neil Schwartzman, founder and chief security specialist at CASL Consulting.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.