The Obama administration's plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, according to experts who raise open questions about the proposal.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
A silver lining is emerging behind the rash of breaches that occur all too regularly. The fact that these breaches make the public more aware of the vulnerabilities is encouraging in efforts to make the Internet safer for all.
Bankers aren't waiting for the FFIEC to act on the release of its updated online authentication. Instead, they've already begun to comply with the major points recommended in the draft. And the death of Osama bin Laden has heightened concerns terrorists' efforts to launder money through legitimate banking channels.
Personalized medicine research, which relies on genetic information paired with electronic health records, could pave the way for many treatment breakthroughs. But because of the sensitive nature of the information involved, pioneers in this field must take extra privacy and security precautions.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.