Payment channel innovation is a headache for banks, consumers and the companies that serve them. The newer and more convenient the payment mechanism - think contactless - the more the concerns over cyber-security.
• Balancing customer convenience and security
• Fighting determined multi-channel attacks
• Tokenisation and the future of payment security
• Lessons from PCI DSS and other payment security standards
Old-fashioned robbers stole from banks "because that's where the money is", and cyber criminals operate on the same logic. They are helped by poor IT management, complex legacy systems, rapid innovation in payments mechanisms and the way banks tend to operate in silos. How should banks be responding?
• Understanding high-loss, high-impact threats
• Evaluating vulnerabilities to make risk-based decisions
• Countering the digital industrialisation of fraud
• Protecting customers from sophisticated attacks
It's too easy to say that staff are the weakest link, but it is true that what some IT professionals call 'wetware' (that's you and me) is an attack surface favoured by cybercriminals. It is up to employers to help their staff counter cyber threats.
• Using positive social engineering to train staff and defeat attacks
• Building a cyber resilient corporate culture from the inside out
• How to beat phishing, ransomware and employee-triggered malware
• How to get the best results from staff cyber risk training programs
The proliferation of threats and potential solutions makes cyber risk management an ongoing headache. If threats are constantly evolving, and solution providers disagree on the basic defensive concepts, where do CISOs and other data security professionals start?
• Building repeatable, adaptive systems and processes
• Access control and managing privileged accounts access
• Effective monitoring and detection systems
• Incident response planning, preparation, testing and execution