Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
The FDIC has issued revised guidance describing potential risks associated with relationships to third-party payment processors. What are regulators' new risk-management expectations of banks?
Regulators have hinted at it, and industry experts say it's coming. U.S. banking institutions can expect to see new guidance for mobile banking. The open questions are: When, and in what form?
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
Risk assessments are over. Now it's time for institutions to prove they conform to the FFIEC's Authentication Guidance. Fraud expert George Tubin offers tips to prepare for the first regulatory exam.
How can companies and IT security leaders keep a security breach from becoming a long-term problem and stop it from negatively affecting their customer base?
Spear phishing, or targeted phishing, schemes are the industry's most concerning trend, according to a new report from the APWG. So, what can we do to curb phishing attacks? Executives at BITS and FS-ISAC have a new idea.
What steps can smaller organizations and their vendors take to ensure security and regulatory compliance? They must transcend what researcher Wendy Nather calls the 'Security Poverty Line.' See how.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
The Europay, MasterCard, Visa standard, commonly used in most global markets, is coming to the U.S. The sooner issuers, acquirers and merchants initiate migrations, the better, says Stephanie Ericksen, head of authentication product integration at Visa.
Zappos.com and its parent company Amazon.com face a class action lawsuit stemming from a recent data breach that affected more than 24 million customers.
A group of Saudi Arabian hackers, identified as "Nightmare," conducted distributed denial-of-service attacks Jan. 16 against the Tel Aviv Stock Exchange and El Al, Israel's national carrier.
Wikipedia.org founder Jimmy Wales pledges to shutter the online encyclopedia from midnight Tuesday to midnight Wednesday to protest anti-piracy legislation before Congress that he contends would threaten Internet freedom if enacted.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.