For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Aite's Julie McNelley says the final FFIEC online authentication guidance offers greater detail in areas such as layered security, but that institutions have much to do to prepare for regulatory assessments in 2012.
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment.
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
Facebook's facial recognition feature clearly impacts the privacy profession and workplace by creating new challenges and raising significant concerns on the issue of trust.
Online and mobile banking are taking the world by storm - especially in the Asia-Pacific region. But many institutions are simply not prepared to manage security and privacy appropriately in these venues, says Gartner's Matthew Cheung.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
Information Security Media Group announces the launch of FFIEC Authentication Guidance, a resource center dedicated to providing in-depth news and views on the pending online authentication guidance.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
"This is yet another [incident] in what is turning into a major 'breach streak,' which will make all of us rethink what information security really means," says Mike Urban, senior director of fraud solutions for FICO.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.