Just when you thought PCI deadlines were behind you ...
The deadline for compliance with the Payment Card Industry's Data Security Standard DSS (PCI-DSS) 6.6 requirement is June 30. This requirement describes security steps that are intended to address threats to web applications.
But industry analysts project...
The road to PCI compliance for retailers and financial institutions may have many wrecks along the way. But there are also some solid best-practices to lead the way for PCI laggards, says David Taylor, Research Director at the PCI Alliance.
What makes one company a compliance leader and another a loser when it...
The public service announcement used to appear on television screens every night, it seemed, when I was growing up. The announcer would speak in a deep voice, "IT'S 10 p.m., do YOU know where YOUR CHILDREN ARE?" Looking around, my parents would sigh a deep breath of relief, knowing that we children were either in our...
An unencrypted backup tape is missing from the Bank of New York Mellon, potentially exposing information on 4.5 million customers of that bank and of People's United Bank of Bridgeport, CT.
The missing tape contains social security numbers and bank account information on 4.5 million customers - including several...
New Hampshire customers of TD BankNorth were notified earlier this week that their Visa debit or credit cards have been compromised, and the likeliest culprit is the recent Hannaford Brothers Supermarkets security breach.
"We became aware during the last few days that there was some fraudulent activity on some of...
Phishing, vishing, whaling - there are a growing number of electronic social engineering threats to unsuspecting consumers and their identities. Financial institutions and their customers increasingly are targets of these attacks. But they're also fighting back.
Listen to this interview to hear:
What are the...
As financial institutions continue to migrate their services and operations online, the Office of the Comptroller of the Currency reminds national banks and their technology service providers about the importance of application security as a component of an information security program.
A new OCC bulletin...
Let's cut to the chase: PCI compliance for retailers, banks and service providers is hard.
Michael Gavin, security strategist at Security Innovation, a PCI QSA and ASV assessment firm, offers his insights on PCI compliance struggles, i.e. the Hannaford breach, and the reality that there is no absolute security. A...
The era of Suspicious Activity Reports (SARs) in the United States began with the Annunzio-Wylie Anti-Money Laundering Act of 1992, which required regulated financial institutions to report transactions that they suspected might involve illicit funds or purposes.
You may ask yourself every time you complete a SAR,...
Interview with David Jevans, Director, Anti-Phishing Working Group
Phishing, vishing, whaling - there are a growing number of electronic social engineering threats to unsuspecting consumers and their identities. Financial institutions and their customers increasingly are targets of these attacks. But they're also...
Imagine the scenario: Your institution has a customer who does all of his banking online -- bill pay, transfers, account balances. This customer calls after seeing an unauthorized transaction. After tracing the account transfers, which were wired overseas, you find the customer's computer loaded with crimeware. Your...
It's not always easy to decide to stop doing business with a person or entity. In fact, it might be a decision that many bankers aren't willing to face. However, when an institution sees a growing amount of fraud losses on a customer's online banking account due to their negligence,
In case you missed it - because it wasn't a huge headline anywhere - here's a bit of news about First Pryority Bank, a 108-year-old community bank based in Pryor, OK.
Well, first a bit of background. First Pryority was founded in 1900 by W.A. Graham,
Just over two years ago, Brian Huntley arrived at Camden National Bank in Maine, charged with responding to regulatory guidance and transforming the bank's information security risk assessment program from one that was threat-based to one that is now asset-based.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
