2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Calif.-based grocer Save Mart confirms dozens of reports by employees and customers about account compromises linked to the merchant's recent breach. Are these incidents linked to a larger, organized crime ring?
Despite the FFIEC authentication guidance and the growth of online fraud, financial institutions still rely on outdated practices that expose customers to risk. How can institutions update their security measures?
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?
Authorities in New York have indicted 28 suspects for their alleged connection to a skimming scheme that targeted AmEx cardholders. What did the take-down expose about growing innovations in insider fraud?
A wave of security breaches serves as a catalyst for all types of organizations to assess the need for cyber insurance. Here's the story of one institution that saw the threat and took out a $10 million policy.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Analog skimming devices that rely on audio technology are not new. They've been around since the early 1990s. But this less-expensive technology is making a comeback, some say, because of the downturn in the global economy.
Pradeep Moudgal says the U.S. is migrating toward EMV. But how much new investment are card issuers going to have to make, and what steps does the collective industry need to take to ensure the transition from the mag-stripe to the chip is a smooth one?