Only half of U.S. banking institutions will beat the Nov. 1 deadline for compliance with the Identity Theft Red Flags Rule.
This is the key finding of this survey aimed at gauging the success of institutions' efforts to meet the terms of the new regulatory mandate. The survey, administered electronically in June,...
Interview with Tom Field, Editorial Director at Information Security Media Group
As Nov. 1 looms, Identity Theft Red Flags Rule compliance is an absolute must for financial institutions. Information Security Media Group recently surveyed 300 banking and credit union leaders to gauge their progress toward...
I've told this story before about Michael Barrett, CISO of PayPal. When he joined the company, he asked how senior leaders were fighting the phishing problem.
"Technically, we don't have a phishing problem," he was told.
Talk about a harmonic convergence.
Just as the major banking regulatory agencies went before the Senate committee recently to deliver their "State of the Banking Industry" addresses, I was sitting back and starting to think about drafting the questions for our next State of Banking Information Security survey.
Whenever family or friends or otherwise ask what I do or what kind of company I work for, I always take the opportunity to start off with a question: Do you know what "information security" is? I do not expect much, as I myself could not quite give a clear definition before working in the position I hold now. No one...
When an institution's focus turns to compliance with the Gramm-Leach-Bliley Act (GLBA), questions always pop up -- What should the institution's core GLBA program include; who should be involved; what kind of information is needed, and what should be prepared for an assessment?
We've asked industry...
Was it the largest synchronized security update in the history of the Internet?
On Tuesday, a coordinated patch was released by security researcher Dan Kaminsky of IOActive, fixing a vulnerability that exists in all Domain Name System (DNS) servers.
What does that mean for financial institutions? Patches are...
Early this year, I caught up with Steve Katz, the dean of banking CSOs (see Stephen Katz on Top InfoSec Issues of 2008), and he had some interesting insights on the year's top challenges for banking institutions.
The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Only half of U.S. banking institutions say they will beat the Nov. 1 deadline for compliance with the Identity Theft Red Flags Rule.
This is the key finding of a new survey aimed at gauging the success of institutions' efforts to meet the terms of the new regulatory mandate. The survey, administered in June by...
So, how do the third-party service providers respond to regulatory pressure on financial institutions to improve vendor management?
The major banking regulatory agencies have sent a clear statement to the institutions they oversee: Do a better job of selecting, contracting with and managing your major vendors....
I started scoping out my next blog entry with PCI in mind (and how it will likely find its way into the community-bank/credit union space in a few years) and was blind-sided by one of my favorite nits to pick recently: the risks presented by poorly managed third-party vendor relationships.
Life on the Great Plains for many nomadic Indian tribes was built around the buffalo. The tribes followed the herds of great shaggy beasts across the rolling hills of tall grass, their entire lifecycle centered on the buffalo herd. Braves honed their lance and bow and arrow skills with hours of practice. A common...
Finally, it's your turn to have your say.
Since first joining Information Security Media Group late last summer, one of my primary goals has been to debut a blog for BankInfoSecurity.com and CUinfoSecurity.com.
Today, proudly, I'm able to announce the launch of not just one blog, but five - with more to come in...