Super Security Guy

April 25, 2012 Added by:Wayde York

While I was talking to the bank operator, I tried to login to my account and when I put in the username/password, I couldn’t get in. The bad guys had changed my login, or so I thought. Red lights were flashing and the bulk of my security expertise poured in to the rescue...

Comments  (1)


Four Steps to Follow when Your Credit Card is Compromised

April 23, 2012 Added by:Christopher Burgess

Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever changing requiring those entrusted with our data to take steps beyond compliance to protect that data...

Comments  (0)


When Will PCI SSC Stop the Mobile Payment Insanity?

April 10, 2012 Added by:PCI Guru

The merchant is left to their own devices to know whether any of these mobile payment processing solutions can be trusted. I am fearful that small merchants, who are the marketing target of these solutions, will be put out of business should the device somehow be compromised...

Comments  (0)


Assurance : Don't Worry, I've Got This...

April 06, 2012 Added by:Jon Long

There is nothing that changes faster than technology, and if you are not ahead of it, you are ancient history. Within the category of technology, security is at the forefront of rapid change, and there is nothing more critical to ensure that we understand as auditors...

Comments  (0)


Financial Institutions – Your Time is Coming

April 04, 2012 Added by:PCI Guru

Most financial institutions purchase their software applications from third party development firms. With all of the regulatory changes going on in the financial institution industry, these software firms have been focused on those regulatory changes and not PCI compliance...

Comments  (0)


What do Credit Card Companies do with Your Personal Info?

March 23, 2012 Added by:Allan Pratt, MBA

The types of personal information companies collect and share depends on the product or service you get from them. This info can include: Social Security number and income, account balances and employment details, and credit history and transaction history...

Comments  (0)


How Safe is Paying Online with Your Smart Phone?

March 13, 2012 Added by:Robert Siciliano

Handset manufacturers, application developers, and mobile security vendors continue working to improve mobile security. Banks are offering a consistent sign-on experience for both their online and mobile channels, including multifactor authentication programs for mobile...

Comments  (0)


Which Will Make a Bigger Splash in 2012 - Mobile Wallet or EMV?

February 01, 2012 Added by:Robert Siciliano

Visa has announced plans to accelerate the migration to EMV contact and contactless chip technology in the United States. The company intends to encourage investments in infrastructure necessary to accept and process both new forms of payment technology...

Comments  (0)


Five FFIEC Compliance Tips For Banks

January 10, 2012 Added by:Robert Siciliano

“The guidance is an important reinforcement of several critical ideas: Fraud losses undermine faith in our financial system. Fraud tactics evolve constantly and the tools that combat them have to evolve as well. The guidance provides a perspective..."

Comments  (0)


On the Israeli Credit Card Breach

January 08, 2012 Added by:Danny Lieberman

The biggest vulnerability of PCI DSS is that it’s about 10 years behind the curve. When people in the PCI DSS Security Council in Europe confess to never having heard of DLP and when the standard places an obsessive emphasis on anti-virus, you know you're still in Kansas...

Comments  (0)


FFIEC Banking Security Guidelines In Effect Soon

January 05, 2012 Added by:Robert Siciliano

The FFIEC updated security guidelines go into effect in less than a month. It is imperative that financial institutions recognize that the security precautions currently in place are ineffective in the face of new, more sophisticated attacks...

Comments  (0)


SSAE 16 is NOT SOC 2

December 22, 2011 Added by:david barton

Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...

Comments  (2)


Remote Deposit Capture (RDC) Could Escalate Fraud

November 22, 2011 Added by:Headlines

"With banks and financial institutions expanding this service to a retail customer base that often undergoes less stringent due diligence than do their commercial customers, is the potential for fraud increasing?"

Comments  (0)


SOX Compliance and Evolution to GRC Conference

October 20, 2011 Added by:Infosec Island Admin

The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...

Comments  (0)


The EMV-Contactless World According to Visa

October 11, 2011 Added by:PCI Guru

If Visa were to work with the industry to produce a common API for EMV and contactless cards with PIN online, that would drive adoption of more secure cards in the US because there would be a business reason for adoption. Without such a driver, they are still a solution looking for a problem...

Comments  (8)


The FFIEC Wants You to Know...

September 23, 2011 Added by:Robert Siciliano

Consumers are oblivious to the layers of security put in place by financial institutions to protect their accounts. All consumers really care about are ease and convenience. A better understanding of what goes on behind the scenes can help consumers adapt to new technologies...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »