In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Successfully implementing the SANS 20 Critical Security Controls requires far more than just deploying systems, platforms or services. Experts offer insights on effective strategies for leveraging technical controls.
Comptroller of the Currency Thomas Curry's comments in a Sept. 18 speech could be an early indication that regulators will put more pressure on banks and service providers to fill cybersecurity gaps, some observers say.
About two weeks before health insurance exchanges open for business under healthcare reform, an exchange in Minnesota already is reporting a data breach. Find out about the incident and the investigation.
In the wake of a year of attacks waged against banking institutions by Izz ad-Din al-Qassam Cyber Fighters, the FS-ISAC's Bill Nelson and the ABA's Doug Johnson say the need to regularly update DDoS preparedness is a critical lesson learned.
OpUSA's planned Sept. 11 DDoS against U.S. banks and governmental agencies proved to be uneventful, experts say. But they warn that other potential attacks, especially those with a Syria connection, could prove to be far more serious.
Federal authorities are warning banking institutions and government agencies about a wave of DDoS attacks that could strike on 9/11. Learn what steps the FBI suggests should be taken to mitigate the threat.
Citi's settlement with two states over a breach that exposed 360,000 cards will likely set an example for other states. One expert says banking institutions will likely pay more damages when accounts are compromised.
A final rule spelling out requirements for state health insurance exchanges drops a proposed requirement that breaches must be reported within an hour of discovery, relying on language in contracts instead.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.