The database has become the main target for hackers and negligent insiders, as the insider breach at Bank of America showed. A recent survey highlights the need for financial institutions to enhance security measures to mitigate threats and losses.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Payment card fraud. ACH and wire transfers. ATM skimming. And especially insider crimes. These are among today's top information security threats to institutions, says banking regulator Gigi Hyland in an exclusive interview.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
An inside breach at BofA that led to more than 300 compromised accounts signifies growing concerns about internal threats. But experts say organizations can implement strategies to detect - and in some cases even predict - internal fraud.
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
For Will Pelgrin, the former New York State chief information security officer, mobile devices, insiders and old infrastructure represent the major challenges local and state governments face in in securing information technology.
Fraud, risk management emerging technologies -- these issues know no boundaries. That's why we're launching a series of new international BankInfoSecurity sites to draw proper attention to local issues that impact the global banking industry.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Banking/security leaders aren't crazy about banking regulators telling them they could have done a better job detecting ACH fraud, and they're eager for more specific guidance on what to do going forward.