It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
Deputy Defense Secretary William Lynn III cautions that cuts to IT security initiatives, when they come, must be carefully applied, and certain areas must remain exempt from the budget ax, such as cybersecurity.
"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
RSA Chief Executive Art Coviello challenged a widespread belief that cybersecurity awareness could curb cyberthreats: "There's no amount of consumer education to make them smart enough to resist attacks. They're just too sophisticated."
The threat landscape has evolved, and India's banking institutions must grow their information security strategies, says Anand Naik of Symantec, which just released a report that offers a new security agenda to institutions.
Successful wire fraud attacks cause losses averaging between $100,000 to 200,000 per victim. So, it's not surprising that banks are being sued by business customers for alleged failures to prevent fraud via ACH.