Online risks, card skimming and data leakage are the top threats to Asia Pacific and Indian banks, and financial institutions are just starting to implement security measures and regulations to combat the growing threat landscape, says Gartner's Matthew Cheung.
Many organizations have the expertise required to implement cyber intelligence but have yet to learn how to integrate those skill sets into an effective, end-to-end process, says Intelligence and National Security Alliance's Terry Roberts.
"Matching an implementation to the cloud definition can assist in evaluating the security properties of the cloud," says computer scientist Peter Mell, author of The NIST Definition of Cloud Computing.
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
"The CRMA will give us a heightened awareness of our responsibility in not just evaluating operational or compliance risks, but understanding strategic risks to the business," says Denny Beran of J.C. Penney.
The growing IT security profession - which shows virtually no unemployment, according to government data - remains the domain of white and Asian men with a scarcity of women, African Americans and Latinos.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.
"We find a lot of security professionals saying, 'I'm just going to get another certification, or I'm going to get deeper into this technology skill,'" says researcher David Foote. "That's not going to get you very far."
"Once you identify that person based on the unique characteristics of their face, you could then match it with other databases," privacy advocate Beth Givens says, referring to privacy gaps created by facial recognition technology.
The Reserve Bank of India issued guidance in April, 2011 for banks to mitigate the risks of use of information technology in banking operations. Here is an overview of the nine topics specifically addressed by the guidance.