The fight against cyberattacks is a top priority for financial institutions, and industry insiders are optimistic about President Obama's plan to thwart cyberattacks that lead to corporate account takeover and other forms of fraud.
On June 28, the FFIEC released its final, formal version of its Authentication Guidance. Not even one month later, we've created three new training programs to help banking institutions understand and conform with the guidance.
You know the tune: Cyber thieves pirated the town's banking credentials, arranged some bogus "payroll transactions" with the town's bank and then next thing you know ... money mules are transferring funds to the Ukraine.
It's not enough for banking institutions to conform to the FFIEC Authentication Guidance update. They also must ensure that their key vendors meet the same standards, says Philip Alexander of Wells Fargo Bank.
Former banking regulator William Henley has simple advice for banking institutions wondering how to comply with the new FFIEC authentication guidance update: "Start immediately, develop a plan, and document your progress."
The new FFIEC online authentication guidance update is a good "cookbook" for financial institutions to apply layered security, says Avivah Litan of Gartner.
The FFIEC's updated online authentication guidance urges banks and credit unions to do better jobs of authenticating and identifying devices, areas that aren't bolstering the kind of security they could, says security expert Ori Eisen.
Now that the FFIEC Authentication Guidance update has been issued, there is no more important task for banking institutions than to conduct their risk assessments, says Matthew Speare of M&T Bank Corp.
Federal regulators won't speculate about how many more financial institutions could be shuttered in 2011, but the number isn't expected to exceed 2010, the most recent "peak" year for failures.
Now that the FFIEC's updated online authentication guidance is out, banking institutions need to move forward in preparation for 2012 compliance, says Julie McNelley, banking fraud analyst for Aite Group.
The Department of Veterans Affairs soon will enable clinicians to use more mobile devices to view patient information, taking several steps to help ensure security.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Gartner's Avivah Litan says regulators have done a nice job of emphasizing why and how banks and credit unions need to implement layered security that adequately addresses online risks. But the guidance falls short...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.