2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Calif.-based grocer Save Mart confirms dozens of reports by employees and customers about account compromises linked to the merchant's recent breach. Are these incidents linked to a larger, organized crime ring?
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
Bank of America, a pioneer in mobile banking, says mobile is hot, but it also opens financial institutions to unknown risks. What proactive steps should banks and credit unions take to ensure they're ready?
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
An estimated 650,000 customers have recently switched from big banks to community banks and credit unions. But are these smaller institutions prepared for the new demand for security and fraud prevention?
Improving regulatory compliance efforts is the No. 1 information security priority for healthcare organizations in the year ahead. That's a key finding of the inaugural Healthcare Information Security Today survey.