Among the provisions of the Federal Information Security Amendments Act, approved by a voice vote, is a requirement that agencies implement continuous monitoring of their IT systems to identify vulnerabilities before a cyber incident occurs.
Many organizations are still using personal information, such as mother's maiden name and date of birth, to verify user identities. However, personal data is everywhere - in search engines and on social networking and other third-party sites - making the use of these static data elements a less secure measure for...
The FFIEC Authentication Guidance update has been in circulation since mid-2011. But as banking examiners begin testing for conformance, we find:
Only 11% of surveyed institutions have come into conformance since the guidance was issued;
Nearly 30% don't fully understand the guidance;
88% do not believe the...
Far too many identity solutions today rely on simple user names and passwords, says Brent Williams, CTO of Anakam Identity Services - the identity product line of Equifax. But the future of identity is bright, he says.
"People appreciate being contacted when particular transactions look risky," says Peter Tapling, President and CEO of Authentify. "Out-of-band authentication provides the opportunity to do that in real-time, at very low cost to the institutions."
What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.