As recent incidents at Citi and BofA reinforce, most banking institutions, from large to small, have done a poor job of keeping up with inside jobs and internal threats.
Among the 12 computer-related job classifications tracked by the Department of Labor's Bureau of Labor Statistics, information security analysts was one of only two categories to report no unemployment during the second quarter of 2011.
We all know the cost of regulatory compliance - how expensive it can be to meet the standards of HIPAA, HITECH and other industry guidelines. But two organizations this week learned hard lessons about the cost of non-compliance.
Emerging technology is often touted for enhancing security. But if not properly deployed and integrated, these technologies can hinder rather than improve security.
The use of social media raises risk management issues, and education is the key to overcoming the common misperception that "you can say anything you want on social media and not have any consequences," says compliance specialist Roy Snell.
"Professionals like me now understand that we are the ambassadors for ethical behavior and should actively encourage other employees to adhere to it," says Alessandro Moretti, a senior risk and security executive.
Today's top fraud threats recognize no global boundaries, says James Ratley, head of the Association of Certified Fraud Examiners. And they require a stronger global workforce than ever before.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Gartner's Avivah Litan says regulators have done a nice job of emphasizing why and how banks and credit unions need to implement layered security that adequately addresses online risks. But the guidance falls short...
We all know, as a result of recent breaches, Sony is in the market for a security leader. I reached out to some hiring managers and asked them: What would you look for in Sony's first CISO?
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Aite's Julie McNelley says the final FFIEC online authentication guidance offers greater detail in areas such as layered security, but that institutions have much to do to prepare for regulatory assessments in 2012.
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
Organizations' biggest obstacles to privacy protection are the organizations themselves - specifically, their silos - says Dr. Ann Cavoukian, proponent of the new concept, Privacy by Redesign.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.
