Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
The release of the list coincides with the issuance of the Common Weakness Scoring System that allows software makers to identify vulnerabilities in their programs and buyers to determine software they acquire is secure.
Banks need to take a proactive approach toward improving their business continuity planning, and that includes updating services and evaluating business-impact assessments, says Donald Saxinger of the FDIC.
FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.
As emerging technologies such as cloud computing and mobile banking become the norm, the FDIC's Donald Saxinger says vendor management programs must specifically address the outside risks posed by working with non-traditional financial services providers.
Many organizations are considering migrating from proprietary technologies to those based on free, industry-wide standards. This will not only carve out IT costs, but also help scale your IT ecosystem and potentially improve performance. To better understand the customer migration experience, the Harvard Research...
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
A focus on cost and speed, not on data protection, creates a security hole, a survey of cloud computing service providers reveals. Nearly two-thirds of providers say they aren't confident cloud apps are sufficiently secured.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.