Data security

The latest cyberattacks pointing to the Russian government show that U.S. federal agencies and banks still lack a clear, collaborative game plan.

Fallout from the coronavirus pandemic consumed the industry this year, but other events, including a scandal at the National Credit Union Administration and a credit union under fire for lack of board diversity, also made waves.

With Microsoft, Equifax and others acknowledging that the SolarWinds hack of U.S. government entities had affected their holdings, security teams and vendors have put the holiday aside while continuing around-the-clock surveillance to ensure no financial services or payments networks have been hacked.

As risk rises and budgets tighten post-pandemic, training all employees about security risks and conducting quarterly penetration tests helps to offset threats and potential losses.

By upgrading permissions and defining access, firms can get ahead of the new threat, says vArmour's Marc Woolword.

Remote learning and work heightens the security risk, says Pulse Secure's Mike Riemer.

Federal banking agencies want to give the industry a hard deadline for notifying their regulators about serious security breaches and failed system upgrades.

Paying on delivery with tokenization, biometric fingerprint cards, vein scanning or phone-to-phone with a variety of card payment options helps create a universe of consumer choice, convenience, personal preference and better fraud protection, says Radar Payments' Jane Loginova.

It has been 15 years since the federal banking agencies issued guidance on an institution’s obligation to inform its regulator about a cyberattack. A proposal to be unveiled this week could establish a more specific notification deadline.

It's important that breach mitigation strategies take younger people, gaming and school into account, says ForgeRock's Ben Goodman.

Whenever a technology moves into the payments or financial data ecosystem, it alerts fraudsters to probe it more intensely — and ultimately, figure out a way to use it as an attack vector.

Organizations need complete control over which network access privileges are assigned to each user or role, says Pulse Secure's Rene Papp.

Big banks and other financial firms predict the cost of warding off cybercriminals will keep climbing in 2021 as they work to secure digital financial services popularized by the pandemic.

In an open letter, industry veteran Thomas Vartanian outlines the steps the administration can take to encourage innovation, better detect cyber threats and modernize regulation.

Financial institutions are using behavioral analytics, imposing tighter controls and taking other steps to prevent employee-caused security lapses.

The pilot leverages Keyno’s CVVkey technology that uses a dynamic card verification value 2 (CVV2) code to provide a higher level of security against fraud for online and mobile payments.

The pilot leverages Keyno’s CVVkey technology that uses a dynamic card verification value 2 (CVV2) code to provide a higher level of security against fraud for online and mobile payments.

Corporate breaches facilitated by employees — often accidentally — rose significantly this year, and banks have been particularly hard hit. Here's why.

As it attempts to craft policy on access to consumers’ financial account information, the agency is wading into a battle between those who want data to flow more freely and those who prioritize security.

Despite tougher privacy regulations, further safeguards are needed that require consumers' clear consent before personal information is exchanged.