A recent Comptroller of the Currency (OCC) guidance emphasizes the need for stronger application security within financial institutions and their third-party service providers to maintain integrity of data, mitigate true risks and avoid being prime targets for criminal activities. We queried two information security...
Sahba Kazerooni is a senior security consultant with Security Compass, a security consulting and training firm specializing in application security based in New Jersey. He is also an internationally-renowned speaker on security topics, and has provided presentations at security conferences around the world, including...
So, I'd started my weekly blog entry intending to discuss application security (I'm keenly interested in what the just-released BIS survey is going to reveal) when the following headline came across on my BIS RSS feed "Social Engineering Hits Brit Bank Head, Victim of Fraud."
You'll have to forgive me for being so...
As part of the Nov. 1 Identity Theft Red Flags Rule compliance deadline, financial institutions must step up efforts to train employees and customers alike to be more cognizant of Identity Theft and its symptoms.
The idea behind the education is simple: Increasing security awareness prevents the crime from happening....
I'm out in the field this week conducting a series of services for one our clients. At the moment I'm heavily focused on completing a draft of a new vendor management program for them to implement. Although we have a standard methodology that's been used by the practice for several years, I've taken it upon myself...
More than 75 percent of bank webites in a recent survey have at least one design flaw that could make customers vulnerable to cyber thieves.
This according to a new University of Michigan study of online banking.
These design flaws stem from the flow and the layout of the websites, according to the study. Led...
Whenever family or friends or otherwise ask what I do or what kind of company I work for, I always take the opportunity to start off with a question: Do you know what "information security" is? I do not expect much, as I myself could not quite give a clear definition before working in the position I hold now. No one...
We've known for roughly six months now that the Identity Theft Red Flags Rule compliance deadline is Nov. 1, barely four months away. How close, then, are banking institutions to meeting that deadline?
That is the question of the summer, and the answer will be found in the results of our new Identity Theft Red...
EDITOR'S NOTE: This is the first installment of an occasional series summarizing key banking/security regulatory documents.
The Business Continuity Planning manual is part of the IT Examination Handbook from Federal Financial Institutions Examination Council (FFIEC). The March 2008 version of the BCP manual has...
New Hampshire customers of TD BankNorth were notified earlier this week that their Visa debit or credit cards have been compromised, and the likeliest culprit is the recent Hannaford Brothers Supermarkets security breach.
"We became aware during the last few days that there was some fraudulent activity on some of...
One midwestern credit union (which prefers to remain anonymous), with nearly $200 million in assets and more than 30,000 members, has been phished four times -- the most recent in 2006, with three of those incidents occurring within a 90-day period.
So what do you do if your financial institution's brand is...
RICHARD SWART: Hi this is Richard Swart with Information Security Media Group publishers of BankInfoSecurity.com and CUInfoSecurity.com. Today we’ll be speaking with James Kist who is a senior consultant for Icons Inc. He has more than 15 years experience in information technology and has authored courseware...
Here’s a podcast from Information Security Media Group on a hot security topic: Web Applications. Listen as information security expert James Kist answers questions regarding how important web app security is for a financial institution.
James Kist, CISSP, CCSI, CCSE, CCSA, is a senior Information Security...
The recent announcement by Fidelity National Information Services, a financial processing company, that one of its employees at a subsidiary stole 2.3 million consumer records containing credit card, bank account and other personal information is yet another drop in the bucket of data leakage.
A recent survey of banking executives showed the overwhelming majority plan to increase spending on automated Anti-Money Laundering (AML) transaction monitoring and on staff to help strengthen their compliance programs.
Darren Donovan, head of KPMG’s Forensic Services said the survey, administered by KPMG...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.