The Financial Stability Oversight Council says banking regulators need to ensure institutions are expanding their cyber-intelligence sharing and third-party oversight as attacks against the financial infrastructure mount.
Banking experts say the Retail Industry Leader Association's launch of a cyberthreat information sharing initiative is a good first step toward thwarting breaches, but it should build on the models used by other industries.
Security executives who attended ISMG's Fraud Summit Chicago said they see a growing need for sharing more cyber-intelligence with community banks and credit unions. But how else could smaller institutions improve their fraud-fighting efforts?
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Conventional wisdom dictates that the high demand for IT security practitioner would cause salaries to rise, perhaps significantly. But a new study by SANS shows only a slight fattening of paychecks for many IT security professionals.
Because most online banking customers are active social media users, banking institutions should leverage social media in their fraud awareness campaigns, says David Pollino of Bank of the West, who's a featured speaker at the May 14 Fraud Summit Chicago.
Paul Kleinschnitz, general manager of payment processor First Data's cybersecurity solutions team, says there are plenty of technologies to address payment card security, but cyberthreat awareness is still lacking.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
To help address the shortage of qualified cybersecurity professionals, (ISC)Â² is offering colleges and universities a variety of assistance with bolstering cybersecurity education and preparing students for certification.
The Target breach. Account takeover. Mobile banking. Big data analytics. If these terms mean anything to you, then stop right now and give some thought to attending our Fraud Summit in San Francisco on April 29.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
Women in information security are becoming even more of a minority because of poor treatment and stereotypes, says Professor Eugene Spafford. What's the cost to organizations, and how can they break the mold?