Mobile attacks are on the rise, and banking institutions need stronger authentication and better defenses against out-of-band compromises. But what else should banks be doing in 2013? Experts weigh in.
If we're at war, the fight so far is unbalanced, and the U.S. should be grateful its cyberspace adversary is Iran. "We're probably not very prepared for a virtual conflict against a really competent state, such as Russia or China," says Rand Corp.'s Martin Libicki.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
The growing threat landscape exacerbates the IT security skills shortage, meaning many organizations struggle with inadequate and sometimes unqualified staff. How are security leaders addressing the crisis?
Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.