As regulators turn up the heat on banking institutions to improve vendor management, the industry's emerging standard assessment program has a new look and a new version set to debut this fall.
The Shared Assessments Program, formerly known as the Financial Institution Shared Assessment Program (FISAP), is promoted...
With all the focus on banks and credit unions' work to comply with the ID Theft Red Flags Rule, many in the financial services industry have forgotten that the largest share of entities impacted by this new regulation are non-banking institutions -- finance companies, automobile dealers, mortgage brokers, etc.
And...
To me, this is one of the sleeper stories of the year.
The ID Theft Red Flags Rule, Business Continuity and Anti-Money Laundering have dominated the headlines - and banking/security priorities. But recent attention paid to Application Security has the potential to fuel one major fire drill in 2009.
When I started this job a year ago and reached out to banking/security leaders, the overwhelming message I got was "Security awareness - we don't do it well."
For banking institution employees, maybe there was an information security training seminar when they first started. Or an occasional workshop on identity...
Everyone was watching the Olympics this past month and saw lots of records being broken. But there is one record no one want to be included in -- the record number of 449 data breaches that have happened (and been made public) and recorded by the Identity Theft Resource Center.
Unfortunately for some unlucky...
A Wells Fargo bank access code was used to steal the personal information of roughly 5,000 consumers, leading the bank to conduct a full-scale inquiry into the data breach.
Wells Fargo says it was notified on July 1 by MicroBilt, an online consumer and commercial credit bureau information provider, that someone had...
The OTS released their examination procedures this past week for the looming ID Theft Red Flags requirements due to go into effect in 75 days (not that I'm counting). In discussing this both with members of our management team and fellow practitioners, I'm finding that there's a decided split as to what the impact is...
Gramm-Leach-Bliley - it's at the heart of every financial institution's security program. In this exclusive interview, Nathan Johns, formerly of the FDIC, discusses current GLBA compliance trends, including:
Where institutions are most challenged to meet compliance;
Where they are seeing successes;
Vendor...
Interview with Brent Rickles, SVP, First National Bank of Bosque County, on Securing Financial Data and Systems Through Application Whitelisting
"Whitelisting" is a new twist on information security. Instead of trying to find a software solution that keeps all of the potential bad guys out of your systems,...
As part of the Nov. 1 Identity Theft Red Flags Rule compliance deadline, financial institutions must step up efforts to train employees and customers alike to be more cognizant of Identity Theft and its symptoms.
The idea behind the education is simple: Increasing security awareness prevents the crime from happening....
Following is a list of the 26 red flags identified for financial institutions in the interagency Identity Theft Red Flags Rule. Institutions must comply with this rule by Nov. 1.
So, if last week's indictment of 11 hackers by the U.S. Department of Justice and the U.S. Attorney General's office was just the "tip of the iceberg" in terms of information security threats to financial institutions and merchants, then what's below the surface?
More breaches, say industry and security experts,...
With fewer than three months to go before the ID Theft Red Flags Rule compliance deadline, banking regulatory agencies this week are starting to unveil their new examination procedures.
The Office of Thrift Supervision (OTS) is the first agency to announce its exam procedures, presenting them today (Aug. 11) in a 2...
I'm out in the field this week conducting a series of services for one our clients. At the moment I'm heavily focused on completing a draft of a new vendor management program for them to implement. Although we have a standard methodology that's been used by the practice for several years, I've taken it upon myself...
This week's arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit card numbers may be only the "tip of the iceberg," security experts say.
In the largest identity theft case ever prosecuted by the US Department of Justice, 11 alleged hackers from around the globe face up to life in...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
