"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
Doug Johnson of the American Bankers Association says banking institutions should spend the next five months focusing on their risk assessments, as they work to meet the FFIEC's new authentication guidance update.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
Online and mobile banking are taking the world by storm - especially in the Asia-Pacific region. But many institutions are simply not prepared to manage security and privacy appropriately in these venues, says Gartner's Matthew Cheung.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.