Page 138 - Latest interviews and insights on bank information security

Card Not Present Fraud

First Data on Preventing Fraud

Tracy Kitten • May 20, 2013 12 Minutes

In this exclusive interview, Tim Horton of First Data explains how the nation's largest credit card processor is helping financial institutions and merchants mitigate risks posed by malware and DDoS attacks.

Card Not Present Fraud

The Future of PCI

Tracy Kitten • May 16, 2013 15 Minutes

As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention, says the council's Jeremy King.

Anti-Money Laundering (AML)

Why We Can Expect More ATM Cash-Outs

Tracy Kitten • May 13, 2013 15 Minutes

Why are ATM cash-out schemes expected to increase - especially in the U.S.? John Buzzard of FICO's Card Alert Service offers insights, based on federal investigators' most recent global fraud bust.

Governance & Risk Management

Insider Threat Hovering in the Cloud

Eric Chabrow • May 13, 2013 8 minutes 9 seconds

CERT Technical Manager Dawn Cappelli tells a tale of how three individuals, who unexpectedly quit their jobs at a law firm, used a free cloud service to sabotage files containing proprietary client information from their former employer.

Fraud Management & Cybercrime

Fraud Arrests 'A Victory for Us'

Tom Field • May 10, 2013 9 minutes

Cash-out scams are old news. But the size and sophistication of the latest $45 million global fraud scheme that struck banks add up to a troubling trend, says former federal prosecutor Kim Peretti.

Fraud Management & Cybercrime

Avivah Litan on Bank Cyberheist

Tom Field • May 9, 2013 5 Minutes

How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It's a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.

Governance & Risk Management

Mitigating Insider Threat From the Cloud

Eric Chabrow • May 9, 2013 10 minutes 51 seconds

Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.

DDoS Protection

OpUSA: Sizing Up the Threat

Eric Chabrow • May 7, 2013 7 minuates 48 seconds

Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.

Business Continuity Management / Disaster Recovery

Addressing DDoS in Risk Assessments

Eric Chabrow • May 3, 2013 9 minutes 51 seconds

In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.

Big Data Security Analytics

Using Big Data to Fight Phishing

Tracy Kitten • May 1, 2013 16 Minutes

Today's spear-phishing campaigns are localized, small and can slip through typical spam filters. As a result, detection practices have to evolve, says researcher Gary Warner of the University of Alabama at Birmingham.

Advanced SOC Operations / CSOC

NIST Unveils Security, Privacy Controls

Eric Chabrow • April 30, 2013 8 minutes 25 seconds

NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.

Incident & Breach Response

Mandiant on Nation-State Threats

Tom Field • April 30, 2013 10 Minutes

Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.

DDoS Protection

Spamhaus DDoS Attack Called Preventable

Eric Chabrow • April 30, 2013 5 minutes 59 seconds

The massive distributed-denial-of-service attack in Europe that targeted Spamhaus could easily have been prevented if information service providers followed a 13-year-old industry best practice, ENISA's Thomas Haeberlen says.

Events

Growing the Global Security Community

Tom Field • April 29, 2013 15 Minutes

When Richard Nealon first sat for his CISSP exam, he was struck by how U.S.-centric the questions were. Since then, he has strived to promote greater awareness of global information security concerns.

Governance & Risk Management

240 Ideas to Secure Critical IT

Eric Chabrow • April 29, 2013 8 minutes, 42 seconds

NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.