As the Senate considers the 2023 National Defense Authorization Act, ABA and the Bank Policy Institute urged lawmakers to omit language that would create a designation for “systemically important entities,” including large banks, for the purposes of assessing risks to critical infrastructure entities.
Data breaches cost financial intuitions an average of $5.97 million in 2021 and 2022, with health care being the only sector with a higher cost per breach, according to a report released yesterday by IBM Security.
Scammers are increasingly impersonating financial services companies as they seek to trick unsuspecting computer users into divulging sensitive information through phishing emails and websites, according to a report released today by cybersecurity firm Vade.
The Commerce Department’s National Institute of Standards and Technology this week selected the first group of encryption tools designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in digital systems such as online banking and email software.
The most sophisticated and user-friendly method for blocking credential stuffing attacks is to use behavior-based detection and blocking.
While underscoring their full support for consumer data privacy and security, they noted that their members have been subject to “extensive federal privacy and data protection laws” for several decades, and pointed out several provisions of the legislation should be reconsidered.
A majority of data breaches during 2021—73%—were perpetrated by external actors, according to findings from Verizon’s latest global data breach investigations report.
VDPs open a communication channel to external cybersecurity researchers, while also encouraging current bank customers to participate in the feedback loop.
Treasury’s strategy identifies four priorities to address the most significant illicit finance threats to the U.S. financial system.
ABA and a coalition of financial services groups today called for extensive changes to a proposal by the Securities and Exchange Commission that would create new requirements for public companies regarding the disclosure of cybersecurity incidents.