A DDoS attack against Ellie Mae, which provides technologies to mortgage originators, comes just as banking regulators issue a reminder about the risks associated with such attacks. Experts offer risk mitigation insights.
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
Starting with the Federal Financial Institutions Examination Council (FFIEC) requirements, this white paper describes how Tenable's unified security monitoring platform meets and exceeds these requirements, ensuring continuous compliance, lower total cost of ownership, tangible security risk reduction and the ability...
Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.
As online threats continue to escalate, organizations need to adopt best practices in online security that can also achieve user convenience and budget constraints.
Financial institutions face similar security challenges when delivering online and mobile banking services today:
How to maintain customers'...
Dollars lost of fraud are one measure of an incident's impact. But the "soft" costs - loss of reputation and productivity - are the ones that most get the attention of Terry Austin of Guardian Analytics.
Too many banks and credit unions are being narrow-minded in their approaches to FFIEC Authentication Guidance conformance, by focusing on commercial accounts and neglecting retail accounts, one ACH fraud attorney says.
The FFIEC Authentication Guidance update has been in circulation since mid-2011. But as banking examiners begin testing for conformance, we find:
Only 11% of surveyed institutions have come into conformance since the guidance was issued;
Nearly 30% don't fully understand the guidance;
88% do not believe the...
Unmistakably, the release of the FFIEC supplement was the result of an increasingly hostile online banking environment created by the introduction of advanced malware. To effectively comply with FFIEC guidelines, financial organizations need to select a solution that is able to provide real-time threat intelligence...