Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
Banks need to take a proactive approach toward improving their business continuity planning, and that includes updating services and evaluating business-impact assessments, says Donald Saxinger of the FDIC.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.