2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
"National and government CERT managers should use more ... external sources of incident information and additional internal tools to collect information to plug the gaps" says ENISA Executive Director Udo Helmbrecht
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
Bank of America, a pioneer in mobile banking, says mobile is hot, but it also opens financial institutions to unknown risks. What proactive steps should banks and credit unions take to ensure they're ready?
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
The bust of six Estonians for one of the biggest online frauds ever is reminiscent of another type of organized crime: drugs. Despite the similarities, there's one big difference between drugs and online crimes.
Mobile banking is a 'must-have' today, but the foray into this new financial-services arena comes with risk. Consistent review and implementation of security layers and controls is the only strategic way to tackle emerging mobile offers.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
Security concerns are the top barrier between consumers and mobile banking. Yet, only 17 percent of institutions have integrated consumer education into their mobile strategies. Javelin's Mary Monahan offers three tips to improve awareness.