"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
"Most convenience stores are concerned about pay-at-the-pump skimming. But they can only focus on so much," says Gray Taylor, a security and compliance expert with the National Association of Convenience Stores.
Police in Beaverton, Ore., have asked for the public's help to identify four suspects who were caught on camera using fake payment cards allegedly created from details skimmed by fraudsters at area Michaels stores.
Building on existing contactless NFC technology could bridge the gap between the mag-stripe and chip and PIN. And the Smart Card Alliance says merchants should begin investing in infrastructure upgrades now.
A breach of debit card accounts, which began in April, has so far affected nearly two dozen banks and credit unions in the Northeast Ohio area, including Keybank, Fifth Third and Century Federal Credit union.
Online and mobile banking are taking the world by storm - especially in the Asia-Pacific region. But many institutions are simply not prepared to manage security and privacy appropriately in these venues, says Gartner's Matthew Cheung.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Danish pharmaceutical company Novo Nordisk Inc. has agreed to a $1.725 million civil settlement agreement to resolve allegations that the company accessed and misused private patient information and filed false or fraudulent Medicaid claims.