Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
Facial recognition, arguably, is the technology that most threatens individual privacy online, and that's on the mind of Senate Commerce Committee Chairman Jay Rockefeller, who has asked the FTC to report on its growing use.
These arrests also highlight the U.S. vulnerability to crimes involving payment cards with magnetic stripes. "The U.S. is a criminal's playground right now," says John Buzzard of FICO Card Alert Service.
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.
According to FINRA, Citi's negligence in adequately supervising Tamara Moon, a former sales assistant at a Citi branch in Palo Alto, Calif., resulted in $749,978 being skimmed from the accounts of 22 Citi customers.
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
"The first step is for banks to admit there is a problem before they can address it, and many bankers are still in denial," says Shirley Inscoe, author of the book "Insidious: How Trusted Employees Steal Millions and Why It's So Hard for Banks to Stop Them."