Banking institutions have a lot to do in order to prepare for the Jan. 2012 deadline to conform with the new FFIEC authentication guidance, and former banking regulator William Henley has one, simple piece of advice: start now.
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
"It's time to stop shifting the security burden onto retailers and restaurants like Margarita's," says Gartner analyst Avivah Litan on the latest payment card breach. "In fact, it was time for that over five years ago."
Extensive news coverage about the attacks against RSA and others have made customers jittery. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," says RSA CFO David Goulden.
Because information security threats know no borders, the European Network and Information Security Agency is working hard to ensure the solutions span nations, too, says Prof. Udo Helmbrecht, ENISA's executive director.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
With the issuance of the final FFIEC Authentication Guidance, institutions need to start moving forward on conformance, and taking a risk-focused approach is the first step, says Matthew Speare, SVP of IT for M&T Bank Corp.
The fight against cyberattacks is a top priority for financial institutions, and industry insiders are optimistic about President Obama's plan to thwart cyberattacks that lead to corporate account takeover and other forms of fraud.
The Fed's ruling on interchange, mandated by the Durbin amendment, offers financial incentives for fraud-prevention investments and could fuel a U.S. move toward new card-payment technologies, like EMV.
Some 200 people have reported fraudulent debit and credit transactions hitting their accounts after dining at Margarita's Mexican Restaurant in Texas. Investigators believe a third-party vendor may have been hacked.
The arrest is part of a continuing investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.