Data breaches

Financial institutions have different levels of breach protection than health care, heightening the risk, according to Brad Keller, senior vice president and program director at Shared Assessments.

Companies must be more prepared to defend user data from malicious outsiders, or suffer the consequences of lawsuits, sanctions from data privacy laws, decreased user trust, tarnished brand reputation, damaged investor relations and more, writes Ben Goodman, vice president of global strategy and innovation at ForgeRock.

Data protection strategies need to consider how data travels and how that impacts vulnerabilities and breach risk, according to comforte AG's Jonathan Deveaux.

Some technology upgrade can leave databases open to the public internet, creating more risk for payment credential exposure and other risks, contends Ameya Talwalkar, co-founder and chief product officer of Cequence Security.

In the era of big data, a more thorough, data-centric approach is needed for security than the traditional encryption of the past, argues comforte AG's Jonathan Deveaux.

Given the risks of improperly securing a multicloud environment, it's crucial to engage with partners who understand networking, says Mounir Hahad, head of threat research for for Juniper Networks.

Some contracts are not "adequately" defining which party — the bank or the vendor — is responsible for managing risks, the agency said.

The watchdog’s report — requested by Sen. Elizabeth Warren, D-Mass., and Rep. Elijah Cummings, D-Md. — called for civil money penalty authority and better supervision to guard consumer data.

The Conference of State Bank Supervisors urged Sens. Mike Crapo and Sherrod Brown to establish a baseline for consumer protection in data privacy and security that would leave room for stricter state rules.

A proactive and preventive security strategy will go a long way to building consumer trust and ensuring continued loyalty, writes Maria Allen, global head of financial services for Unisys.