The breach earlier this month of certificate authority DigiNotar could prove to be the worst security event ever to happen on the Internet because it threatens, at its core, a fundamental principle of Internet transactions - economic and social - trust.
International communication and public-private partnerships are the keys to cybersecurity in the financial space, according to the Department of Homeland Security and the Financial Services - Information Sharing and Analysis Center.
Are executives spending too much time and energy focused on external hacks, sacrificing attention they should be paying to internal threats? It's good that business leaders understand insiders pose risks, but are they taking those risks as seriously as they should?
The Finnish security provider F-Secure concludes the attack e-mail doesn't look too complicated. In fact, it's very simple. But the exploit inside Excel was a zero-day attack at the time and RSA couldn't have protected against it by patching its systems.
As banks and credit unions assess online risk, in light of the updated guidance from the FFIEC, financial fraud analyst Tom Wills says they should consider mobile as a viable layer for out-of-band authentication.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.