Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
As smartphone usage grows, so do emerging threats of mobile malware. When it comes to mobile banking security, financial institutions can only do so much. Security solutions will have to come from mobile vendors, says ENISA's Giles Hogben.
News about recent healthcare information breaches offers an important reminder: Monitoring the privacy and security procedures of your business associates should be a vital component of any breach prevention strategy.
Are executives spending too much time and energy focused on external hacks, sacrificing attention they should be paying to internal threats? It's good that business leaders understand insiders pose risks, but are they taking those risks as seriously as they should?