BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?
Two years after his business was a victim of ACH fraud, PATCO's Mark Patterson doubts whether most small business owners are yet aware of the risks they face. And he doesn't think the FFIEC guidance will help.
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Improving mobile device security is one of the top information security priorities for the coming year, according to our new Healthcare Information Security Today survey. And that's not surprising, given the recent surge of interest in tablets, smart phones and other mobile devices.
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
Successful wire fraud attacks cause losses averaging between $100,000 to 200,000 per victim. So, it's not surprising that banks are being sued by business customers for alleged failures to prevent fraud via ACH.
Account takeovers are up, but losses are down. Doug Johnson of the ABA says that's because banks and their customers are catching and blocking suspect ACH transactions before they drains corporate accounts.
Nessa Feddis of the ABA says increased investments in technology at the bank and consumer levels have fueled confidence in online banking. "I think the reason you see an uptick in use here is because the channel is more secure."
"What banks need to be aware of is that much of this fraud is occurring on the consumer and business-customer side, and not all of them will invest in technology that catches these attacks," says Phil Blank of Javelin Strategy & Research.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.