IT concentration risk could pose major problems for financial institutions that rely heavily on one vendor for critical services. United Overseas Bank's Gaurav Gupta recommends CIOs hold vendors accountable for resilience and look for ways to diversify to ensure business continuity.
In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.
The Digital Operational Resilience Act aims to reshape the financial services industry by introducing strict cybersecurity standards. Financial institutions must comply with the new rules by Jan. 17, 2025, or face severe penalties, said Richard Breavington, head of cyber and tech insurance at RPC.
While the criminals may have an advantage in the AI race, banks and other financial services firms are responding with heightened awareness and vigilance, and a growing number of organizations are exploring AI tools to improve fraud detection and response to AI-driven scams.
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.
Nacha's new ACH rules require all banks to update policies and procedures to ensure better fraud detection. These changes help banks comply with new standards without relying solely on technical solutions, said Devon Marsh, managing director of ACH network rules and risk management at Nacha.
Recent developments suggest the U.S. is taking a more serious approach to holding faster payments platforms accountable for scams. It's unlikely any changes will occur before the November U.S. election, but the move toward more regulation is a good start, said Ken Palla, retired MUFB Bank director.
The Australian Prudential Regulation Authority listed seven priority areas in its new corporate plan released Wednesday, including a plan to raise industry standards on cyber risk management and increase minimum standards for operational resilience for banks and insurers.
Hackers stole the data of more 700,000 current and former customers and employees of Patelco Credit Union in a monthlong ransomware attack detected in June, the California financial institution said. The breach didn't equally affect all 726,000 individuals victimized by the attack.
Fifteen months after a massive supply-chain attack hit users of MOVEit secure file-transfer software, Texas Dow Employees Credit Union has issued a data breach notification pertaining to 500,474 victims, saying it only discovered last month their personally identifiable information got stolen.
A group of banking and housing lobbyists are urging Ginnie Mae to redo its latest set of cybersecurity incident reporting requirements for custodians of mortgage-backed securities, calling the new measures "impractical" and potentially burdensome for many organizations.
The insurance industry faces rapidly changing fraud tactics from sophisticated cybercriminals, and identity theft and synthetic fraud are becoming critical challenges. Experts discuss how cybercrime complicates fraud detection and share lessons the insurance industry can learn from banking.
Giving customers more flexibility in instant payment systems could give users more control over their transactions and help fight scammers. An option to delay payments could introduce the needed friction to stop fraudulent payments, said fraud experts Eva Velasquez and Ken Palla.
Human error is a major contributor to payments fraud, but only about 5% of organizations have fully automated their payment processes to reduce mistakes. Experts say artificial intelligence-enabled automation will help reduce risks, but the benefits of this technology are still a distant reality.
A ransomware attack on a leading payments services provider in India disrupted payment services at about 300 regional and cooperative banks, forcing regulators to step in to contain the damage. Indian national retail payments provider NPCI said the attack targeted tech firm C-Edge Technologies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.