Financial
Which Will Make a Bigger Splash in 2012 - Mobile Wallet or EMV?
February 01, 2012 Added by:Robert Siciliano
Visa has announced plans to accelerate the migration to EMV contact and contactless chip technology in the United States. The company intends to encourage investments in infrastructure necessary to accept and process both new forms of payment technology...
Comments (0)
Five FFIEC Compliance Tips For Banks
January 10, 2012 Added by:Robert Siciliano
“The guidance is an important reinforcement of several critical ideas: Fraud losses undermine faith in our financial system. Fraud tactics evolve constantly and the tools that combat them have to evolve as well. The guidance provides a perspective..."
Comments (0)
On the Israeli Credit Card Breach
January 08, 2012 Added by:Danny Lieberman
The biggest vulnerability of PCI DSS is that it’s about 10 years behind the curve. When people in the PCI DSS Security Council in Europe confess to never having heard of DLP and when the standard places an obsessive emphasis on anti-virus, you know you're still in Kansas...
Comments (0)
FFIEC Banking Security Guidelines In Effect Soon
January 05, 2012 Added by:Robert Siciliano
The FFIEC updated security guidelines go into effect in less than a month. It is imperative that financial institutions recognize that the security precautions currently in place are ineffective in the face of new, more sophisticated attacks...
Comments (0)
SSAE 16 is NOT SOC 2
December 22, 2011 Added by:david barton
Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...
Comments (2)
Remote Deposit Capture (RDC) Could Escalate Fraud
November 22, 2011 Added by:Headlines
"With banks and financial institutions expanding this service to a retail customer base that often undergoes less stringent due diligence than do their commercial customers, is the potential for fraud increasing?"
Comments (0)
SOX Compliance and Evolution to GRC Conference
October 20, 2011 Added by:Infosec Island Admin
The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...
Comments (0)
The EMV-Contactless World According to Visa
October 11, 2011 Added by:PCI Guru
If Visa were to work with the industry to produce a common API for EMV and contactless cards with PIN online, that would drive adoption of more secure cards in the US because there would be a business reason for adoption. Without such a driver, they are still a solution looking for a problem...
Comments (8)
The FFIEC Wants You to Know...
September 23, 2011 Added by:Robert Siciliano
Consumers are oblivious to the layers of security put in place by financial institutions to protect their accounts. All consumers really care about are ease and convenience. A better understanding of what goes on behind the scenes can help consumers adapt to new technologies...
Comments (0)
SOX Compliance and Evolution to GRC - Chicago
September 23, 2011 Added by:Infosec Island Admin
The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...
Comments (0)
Smartphones and Banking Application Security
September 22, 2011 Added by:Brent Huston
As device manufacturers continue to add processing power and storage capacity, and platform vendors provide more applications for generating and consuming data, security will become a greater concern as attackers look upon it as their new playground...
Comments (2)
SOX Compliance and Evolution to GRC Conference
September 14, 2011 Added by:Infosec Island Admin
While maintaining the focus on the continual optimization of the SOX program, 22nd edition conference will draw on the more recent challenges being faced by SOX professionals in light of the recent economic climate and new Dodd-Frank requirements...
Comments (0)
Bad News For Banks: Courts Side With Customers
September 03, 2011 Added by:Robert Siciliano
The computer or other device the scammer used to access Comerica’s website could surely have been traced overseas and flagged for: hiding behind a proxy, device anomalies such as a time zone and browser language mismatch, past history of online scams and identity theft, and the list goes on...
Comments (1)
Could a Cyber Attack Shut Down the Stock Exchange?
August 19, 2011 Added by:Scot Terban
The system is vulnerable to attacks that would have great consequences to the financial system within the US as well as potentially the world. Perhaps Mr. Kass is just looking to leverage the fear, perhaps he is trying to fire off the "Bat Signal” that something is wrong or inevitable...
Comments (0)
Financial Industry Guidance on the Use of Social Media
August 14, 2011 Added by:David Navetta
Banks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been issued by BITS...
Comments (0)
Fraudulent Credit Applications Start with the Device
June 28, 2011 Added by:Robert Siciliano
Device fingerprinting coupled with the device’s reputation and risk profile helps identify the bad guys in the acquisition channel, so you don’t have to rely on other fraud detection tools that drive up the cost to decision an application...
Comments (0)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox