Blog

During discussions in 2013 to determine the next risk areas that should be addressed by the Shared Assessments Program Tools, the focus rapidly turned to software security. As we polled our members we found that many of them were concerned with the security of the software being provided by their ve ....

A newly discovered bug found in widely used web encryption technology was uncovered by researchers, prompting an announcement from Homeland Security and other regulatory agencies to review technology environments to determine if the bug posed any potential risk to their customers or data. The bug, n ....

The Federal Financial Institutions Examination Council (FFIEC) has issued an advisory to its member institutions advising a material security vulnerability in the OpenSSL cryptographic library that may put systems that use this encryption method at risk. OpenSSL is an open-source implementation of t ....

We might be forgiven for thinking that tokens have been the Rodney Dangerfield of the payments business, but that label is changing fast. Tokens have been used in the payments business for years, mostly in the back room where they have been a preferred tool for securing customer information for merc ....

Data Breaches. Big Data. The Future of Privacy Media headlines and the blogosphere are in overdrive regarding privacy, security, and risk after recent events, as my fellow blogger Glen Sarvady pointed out in his recent blog: Data breaches may accelerate move to new technology. Leading the charge i ....

Cybercriminals are targeting privileged network users in ways that are increasingly devastating to security efforts across the financial services industry. These types of insider threats have become more prevalent in the past two years due to the combination of: Increased network activity volumes ....