As banks and credit unions assess online risk, in light of the updated guidance from the FFIEC, financial fraud analyst Tom Wills says they should consider mobile as a viable layer for out-of-band authentication.
We're pleased that two members of Congress have asked the Government Accountability Office to study whether federal regulators are adequately addressing the security risks involved in using wireless medical devices.
"Veterans should have consistent and convenient access to reliable VA information real time using social media, whether on a smartphone or a computer," Secretary of Veterans Affairs Eric Shinseki says.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Extensive news coverage about the attacks against RSA and others have made customers jittery. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," says RSA CFO David Goulden.
Anomaly detection and behavioral monitoring are minimum requirements or mitigating online risks, and the newly-issued supplement to the FFIEC Authentication Guidance highlights why banks and credit unions should be doing more, says Terry Austin of Guardian Analytics.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.