2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Calif.-based grocer Save Mart confirms dozens of reports by employees and customers about account compromises linked to the merchant's recent breach. Are these incidents linked to a larger, organized crime ring?
Despite the FFIEC authentication guidance and the growth of online fraud, financial institutions still rely on outdated practices that expose customers to risk. How can institutions update their security measures?
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
In their efforts to conform with the FFIEC authentication guidance, many financial institutions are caught off-guard by the overall cost of enhanced detection and authentication for online banking. Why?
Bank of America, a pioneer in mobile banking, says mobile is hot, but it also opens financial institutions to unknown risks. What proactive steps should banks and credit unions take to ensure they're ready?
Phishing schemes, like the one claiming to be from the Better Business Bureau, target consumers who have concerns about troubled accounts or account breaches. And social engineering is used more often to acquire financial and personal information.
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?
Authorities in New York have indicted 28 suspects for their alleged connection to a skimming scheme that targeted AmEx cardholders. What did the take-down expose about growing innovations in insider fraud?
The FFIEC Authentication Guidance has resulted in a cottage industry of anomaly detection solutions. But look carefully before you buy - separate myth from reality - says Terry Austin, CEO of Guardian Analytics.
Another myth is that it's easy to do the math and spot the anomalies. But, in fact, this process...