The OCC's DDoS risk warnings to community banks may indicate more regulatory scrutiny is on the way. Banks should prepare for more oversight of their cyber-attack reporting and threat mitigation practices.
Former federal banking examiner Amy McHugh says banks can learn a lot from recent legal decisions and settlements in account takeover cases, including which authentication and online-banking security investments they should make.
Another organized cyber-attack and subsequent cash-out scheme illustrates increasing risks to the U.S. payments chain. One fraud expert says this trend "is of grave concern" for banking institutions and their accountholders.
The participation of Microsoft and other software vendors in an operation to take down 1,400 Citadel botnets illustrates why more public-private collaboration is needed to tackle emerging cybercrimes, operation participants say.
Financial fraud expert Joe Rogalski explains why card issuers are ultimately responsible for losses linked to ATM cash-out schemes, like the $45 million worldwide cyberheist that made headlines last month.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and virtually all of them are advanced and persistent.
An organization's security is only as strong as that of its partners, says Mandiant Director Charles Carmakal, who offers insight on common attack trends emerging from recent data breach investigations.
How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It was a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.