"I think we'll see some additional investments in fraud prevention tools as a result, and it could be EMV tokens or neural networks," says Jim Schlegel of ACI Worldwide, following the Fed's move on debit interchange fees.
The database has become the main target for hackers and negligent insiders, as the insider breach at Bank of America showed. A recent survey highlights the need for financial institutions to enhance security measures to mitigate threats and losses.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
Security teams need to look at the controls they have put in place in their organization and question whether they are shifting risky behavior to different areas and perpetuating problems, says Intel CISO Malcolm Harkins.
The new virtualization guidance issued by the PCI Security Standards Council urges organizations to take a risk-based approach when dealing with virtualization methods, especially within cardholder data environments.
As our reliance on networks continues to grow, the threats against them are growingly equally. A new Cyber Operations blueprint aims to address the problem, pointing organizations in the right direction.
"Most convenience stores are concerned about pay-at-the-pump skimming. But they can only focus on so much," says Gray Taylor, a security and compliance expert with the National Association of Convenience Stores.
Characterizing LulzSec as cyberterrorists, department officials confirmed that LulzSec appeared to have gained access to the e-mail accounts of at least seven department employees, with the pilfered information posted online by the group.