Data security

A community bank in Virginia thought the $2.4 million hackers stole from its customers would be fully covered by its insurance policy, but its carrier begged to differ. Their highly technical legal fight is a cautionary tale for all bankers who assume they are sufficiently covered.

Small banks are being warned to slow down mobile tool development and check vendor arrangements, as researchers repeatedly find vulnerabilities that can be exploited by cybercriminals.

The ongoing threat of data breaches serves as a reminder that every business is subject to PCI DSS compliance, no matter their size. Any company that handles cardholder data in any way must adhere to PCI DSS standards, which can be time-consuming and expensive, writes Matt VanderZwaag, director of product development at US Signal.

Forget the stereotype that a cybercriminal has to be tech-savvy to get the job done. Their true gift is in social engineering.

The hack's core trick highlights an area of cybersecurity which is often neglected: hardware connected to computer networks which laymen wouldn’t normally consider a computer.

Rather than ban screen scraping, financial institutions should improve secure account connectivity so that consumers can share data with the apps they want to use.

Multifactor authentication is table stakes in today's breach-heavy environment. Falling short of that standard creates a dangerously high threat, according to David Vergara, head of security product marketing for OneSpan.

Europe's new data privacy rules have forced banks to get creative to protect sensitive data from in appropriate access or breaches.

Within hours of learning about the breach, Brinker International, parent company of the Chili’s chain, issued a news release, website notice and social media advisories informing consumers and other interested parties of the incident, writes John Gunn, CMO of OneSpan.

The regulatory relief law passed this spring contained a measure to stop synthetic fraud, but the provision is incomplete.