I had an interesting email from a colleague the other day. Turns out someone he knows had recommended that he read a post of mine from January in which I discuss the value (or lack thereof) of having controls in place that don't function. He wanted to let me know about the reach of BIS and let me know that our...
By the latest count, the number of institutions that have informed their card customers and members that they were hit as a result of the Heartland Payment Systems (HPY) data breach has swelled to more than 678.
Heartland, the sixth-largest payments processor in the U.S., announced on Jan. 20 that its processing...
The number of identity fraud victims has increased 22 percent in the U.S., costing 9.9 million victims a total of $48 billion in 2008.
This is the news from the fifth annual Identity Fraud Survey Report from Javelin Strategy & Research. In an exclusive interview, James Van Dyke, Javelin founder and President,...
PowerBroker from BeyondTrust granularly controls access to systems and cardholder data, creates comprehensive logs and audit trails, and has an Entitlement Report that shows auditors that you have created a baseline to assess accountability.
This paper discusses how creating a secure access control...
The Heartland Payment Systems data breach - it's the first major security incident of 2009. But how big is it really? What are the key takeaways for banking institutions left explaining this breach to their customers?
In an exclusive interview, James Van Dyke, Founder and President of Javelin Strategy & Research,...
Information security experts are bracing for the law of unintended consequences to swing into action in 2009 as layoffs, downsizing and low morale bring the worst out of trusted insiders looking to profit off of proprietary intellectual property, customer contact lists, trade secrets and any other sensitive...
As banking regulators emphasize the necessity of application security, a broad-based consortium now sheds new light on the most common vulnerabilities.
Experts from more than 30 U.S. and international cyber security organizations, including the National Security Agency and the Department of Homeland Security's...
Reported data breaches increased by nearly half in 2008, and 12 percent of the total hacks were at financial institutions - up from 7 percent in 2007.
This is the news from the Identity Theft Resource Center's (ITRC) 2008 breach report, which shows that 2008's 656 reported breaches were up 47 percent over 2007's...
At a time when resources are tight and risks are abundant, many banking institutions are going mobile.
This is one of the findings of the recent Banking Confidence Survey, wherein 41% of respondents say their immediate business objectives include investment in new and enhanced services such as mobile banking. Their...
Standing in line to vote yesterday evening at my local middle school, I thought there were a lot of things that the 44th President will have to fix: the economy, the country, the federal government, the out of whack federal budget. Whew! That's a lot, just on a national scale; we're not even talking global problems...
The crime of deception is now even more deceptive.
Multi-channel fraud - schemes that are launched simultaneously via telephone, Internet, in person and via mail - is a growing concern for financial institutions. And the linked crimes aren't always easy to spot.
In this exclusive interview, security expert Diana...
The World Bank, an internationally-supported institution that provides loans to developing countries, is reported to have suffered a network intrusion that one insider labeled "an unprecedented crisis."
The breach, first reported by Fox News, alleges that servers in the Washington, D.C.-based bank's treasury unit...
The continued growth in assets and members means that the impact of downtime is affecting a larger base and is therefore potentially much more costly. Combined with the trend towards consolidation, the cost of downtime may in fact be prohibitive. Learn how new data protection and recovery technologies are making a...
The Payment Card Industry (PCI) has released its newest version of its data security standards (PCI-DSS). The version is designed to help protect transmitted charge and debit card information, and spells out a comprehensive vulnerability management program.
While not a banking regulatory standard, PCI was...
Howard Schmidt, a recognized information security thought leader, offers exclusive insights as new president of the Information Security Forum.
Schmidt, a household name in information security circles since his days as CISO and information security leader at Microsoft and eBay, discusses the global war against...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
