The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
In a new alert, the OCC says banking institutions should be concerned about fraud attempts linked to recent distributed-denial-of-service attacks on prominent U.S. banks.
As the recent PATCO case shows, fraud litigation is moving away from just establishing damages. The key legal question now is: What is reasonable security? Attorneys discuss the 2013 fraud legal landscape.
HSBC and SCB will pay millions in penalties for violating anti-money-laundering laws. Experts say the penalties are justified, but question the deterrent effect.
Because many merchant compromises result from badly installed or configured applications, payments acquirers, such as Chase Paymentech, are stepping up to help address point-of-sale security.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Information sharing is key. The more we share about attacks - vulnerabilities and vectors - the more we will learn about how the attacks are waged, who's behind them and what they're after.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
Organizations that have struggled with risk assessments to comply with PCI-DSS requirements now can take advantage of new guidance. Learn about the latest advice on how to address shortcomings.
The goal is admirable: Eliminate all traces of online information about an individual if that's what he or she wants. But is the right to be forgotten an impossible dream?
David Sherry, CISO of Brown University, sees the security leadership role transitioning completely to risk and governance over the next few years. What challenges will leaders face along the way?
It's been nearly a month since the latest DDoS attack against a U.S. banking institution. What do the hacktivists say? Are the attacks over, or can we expect to see a new round of assaults?
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
