Now that the FFIEC Authentication Guidance update has been issued, there is no more important task for banking institutions than to conduct their risk assessments, says Matthew Speare of M&T Bank Corp.
"Our role is changing in the fact that we see fraud being perpetrated in a new manner everyday via malicious software, banking Trojans and online theft," says Jean-François Legault, senior manager of forensics and dispute services at Deloitte.
Eddie Schwartz didn't shy away from the offer to become RSA's first chief security officer after the security firm experienced a sophisticated advanced-persistent-threat breach. Instead, Schwartz embraced the hack as the reason to take the job. (See RSA to Get Its First Chief Security Officer.)
Fraud today is global. The same problems happening in the U.S. are simultaneously occurring in other parts of the world. For interested job seekers, there's never been a better time to enter the fraud examiner profession.
Recent high-profile data breaches and heightened threats add up to one thing: a bright future for information security professionals who want to start or re-start a career in risk management.
Among the 12 computer-related job classifications tracked by the Department of Labor's Bureau of Labor Statistics, information security analysts was one of only two categories to report no unemployment during the second quarter of 2011.
The use of social media raises risk management issues, and education is the key to overcoming the common misperception that "you can say anything you want on social media and not have any consequences," says compliance specialist Roy Snell.
"Professionals like me now understand that we are the ambassadors for ethical behavior and should actively encourage other employees to adhere to it," says Alessandro Moretti, a senior risk and security executive.
Today's top fraud threats recognize no global boundaries, says James Ratley, head of the Association of Certified Fraud Examiners. And they require a stronger global workforce than ever before.
Upon issuing its 2011 update to online authentication guidance, the FFIEC put banking institutions on notice: Examiners will assess how institutions satisfy these enhanced expectations starting in January 2012. So, how best should banking/security leaders go about meeting these new directives and ensuring the security...
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Gartner's Avivah Litan says regulators have done a nice job of emphasizing why and how banks and credit unions need to implement layered security that adequately addresses online risks. But the guidance falls short...
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Aite's Julie McNelley says the final FFIEC online authentication guidance offers greater detail in areas such as layered security, but that institutions have much to do to prepare for regulatory assessments in 2012.
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.