Banking institutions should be evaluating zero-day vulnerability risks posed by Microsoft's dropping of support next month for Windows XP. But experts say their biggest concern should be how those vulnerabilities will affect customers and vendors.
Speculation surrounding the cause of the disappearance of Malaysia Airlines Flight 370 hasn't included the possibility of a cyber-attack. But one cybersecurity expert contends hacking an airliner is feasible.
Banks need to ensure they continuously monitor their cloud vendors, says Troy Wunderlich of Washington Trust, a community bank in Spokane, who outlines his institution's strategy for vendor management.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
The Consumer Financial Protection Bureau is the newest member of the FFIEC. So what does this additional regulatory oversight mean for U.S. financial institutions and how they prepare for future exams?
So-called patent trolling is getting attention from banking leaders and the White House. As patent attorney James Denaro points out: "Essentially every single financial institution is at risk of being accused of infringement."
Illinois-based bank holding company QCR decided to make a shift in its online-banking platform strategy after a risk assessment revealed security enhancements and customer experience improvements were needed.
Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.
Gov. Nikki Haley realizes the potential political consequences of a breach, which explains why she held three press conferences on three consecutive days to address her administration's response to a computer breach of the state's tax IT system.
A wave of distributed denial of service attacks on banks raises the question: Should the owners of the nation's critical information infrastructure, when assessing risk, be held to a higher standard because society relies on them to function?