The Reserve Bank of India has issued new cybersecurity guidelines to scheduled banks, directing them to devise cybersecurity policies distinct from their institutions' existing IT or IS security policies.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
Russian police have arrested 50 people in connection with an investigation into a hacker group suspected of unleashing a five-year series of malware-enabled hack attacks on major Russian financial institutions and stealing $25 million.
Since the theft of $81 million from the central bank of Bangladesh came to light in February, investigators have continued to probe similar SWIFT-related attacks against four other financial services firms, dating back to at least 2013.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
IBM's Vaidyanathan Iyer says security practitioners need new tactics to bridge the skills gap and fight emerging threats. He suggests the use of analytics and machine learning would easily help fill the gap in detecting threats.
Before moving to faster payments, U.S. banks should scrutinize the security gaps exploited in the SWIFT-related bank heists and build effective risk-mitigation strategies that include stronger layers of authentication, financial fraud experts say.
A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.
ISMG editors, in a special report, examine the status of data breach notification laws in a number of regions, including the European Union, which this past week implemented the General Data Protection Regulation, although enforcement won't take place for two years.
Financial fraud expert Avivah Litan, a Gartner analyst, says the SWIFT-related heists, which have defrauded banks out of millions of dollars in recent weeks, are not cause for "the sky is falling" alarm. She recommends key security steps to prevent further such incidents.
Singapore is considering data privacy and protection legislation soon, owing to strong support from the industry's data privacy and protection leaders. The government seems to be studying EU's General Data Protection Regulation closely to incorporate some elements.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
The U.S. Congress delves into the issue of whether CISOs should report to CIOs, a topic that leads the Friday, May 27, 2016, edition of the ISMG Security Report, an on-demand audio report offered every Tuesday and Friday.