The National Credit Union Administration is the second federal regulator to issue a warning about fraud risks linked to DDoS. One legal expert says banking institutions must heed the warning.
Bashas' network attack highlights how PCI compliant companies can still be breached. So what steps should merchants take to ensure better security, and how should banks help them?
Highly publicized breaches at Facebook, Twitter, the New York Times and other organizations in recent weeks suggest there's a new normal in the cyberthreat arena. But the onetime head of U.S. CERT, Mischel Kwon, doesn't think so.
Federal regulators have issued draft guidance for the use of social media. What are the specific security risks? The FDIC's Elizabeth Khalil discusses how banking institutions can address emerging threats.
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters warns that DDoS attacks against U.S. banks could resume soon. What tips do security experts offer for DDoS detection and response?
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
The FFIEC has issued proposed risk management guidance for the use of social media. Find out about the key recommendations, and why experts say the guidance could prove valuable to banking institutions.
It will be a few years until many organizations reach a level of maturity with continuous monitoring. Getting there will take organizationwide acceptance, says George Schu of Booz Allen Hamilton.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
U.S. banks are improving efforts to thwart distributed-denial-of-service attacks. But they're struggling to find the balance between informing customers and giving attackers too much publicity.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
The Government Accountability Office is preparing a comprehensive analysis of the nation's cybersecurity strategy to determine its effectiveness in securing government IT and critical information infrastructures.
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.