No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
Who's behind the International Monetary Fund breach? Some observers suggest the attack could have been waged by a government to access confidential information about the financial stability of certain global markets.
Details surrounding the reported breach of the International Monetary Fund remain sketchy, but alarming. And Gartner analyst Avivah Litan believes there may be "dozens" of similar incidents that have not been disclosed.
"This is yet another [incident] in what is turning into a major 'breach streak,' which will make all of us rethink what information security really means," says Mike Urban, senior director of fraud solutions for FICO.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Victimized by a hack of its SecurID authentication token that resulted in the breaches of several customers' IT systems, security maker RSA is expected to announce its first chief security officer as early as Friday.
Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.