Banking institutions must improve how they analyze cyber-threat intelligence. But without better tools, security leaders can't adequately anticipate new attacks, says Greg Garcia, the new executive director of the FSSCC.
Banking experts say the Retail Industry Leader Association's launch of a cyberthreat information sharing initiative is a good first step toward thwarting breaches, but it should build on the models used by other industries.
Security executives who attended ISMG's Fraud Summit Chicago said they see a growing need for sharing more cyber-intelligence with community banks and credit unions. But how else could smaller institutions improve their fraud-fighting efforts?
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Because most online banking customers are active social media users, banking institutions should leverage social media in their fraud awareness campaigns, says David Pollino of Bank of the West, who's a featured speaker at the May 14 Fraud Summit Chicago.
Paul Kleinschnitz, general manager of payment processor First Data's cybersecurity solutions team, says there are plenty of technologies to address payment card security, but cyberthreat awareness is still lacking.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
The Target breach. Account takeover. Mobile banking. Big data analytics. If these terms mean anything to you, then stop right now and give some thought to attending our Fraud Summit in San Francisco on April 29.
Women in information security are becoming even more of a minority because of poor treatment and stereotypes, says Professor Eugene Spafford. What's the cost to organizations, and how can they break the mold?
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
In light of the critical shortage of information security professionals, organizations must strive to become a "center for security excellence" to successfully recruit the specialists they need, says analyst John Oltsik of Enterprise Strategy Group.
While many organizations rely on employee training to help mitigate the risks of spear phishing, such efforts are generally ineffective, says Eric Johnson of Vanderbilt University, who explains why a technical solution might be better.
The National Institute of Standards and Technology this spring will unveil updated guidance on role-based cybersecurity training, which will help government agencies as well as private businesses to protect information.
Technology is the biggest challenge to ethics and compliance in organizations today, says Deloitte's Keith Darcy. "We have the capacity to do things before we ever consider the ethical consequences ..."
From new malware to the Target breach, cyber-attacks reached an all-time high in 2013, says Cisco's Annual Security Report. Cyberthreat expert Levi Gundert tells how organizations can regain the advantage in 2014.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.