NSI
An experiment carried out within London's financial district has demonstrated what security experts have been saying for years: employees - even those working with ultra-sensitive financial data - are unaware of or don't care about basic security practices.
In the experiment, CDs were handed out to...
No, "pod slurping" is not something that happens in a sci-fi movie (although that's not a bad idea...); it's the practice of using an iPod or other small, portable memory device to illicitly download corporate data.
Here are three things you need to know about this alarming new security threat, also called...
In this article, I talk briefly about security incident investigators, their training and their role within an organization. Some regulations and standards require proper training of security incident investigators. ISO/IEC 17799 clarifies the need for trained security investigators when it states "When an...
As the threat of computer-initiated attacks increases, and as regulators put more pressure on banks to shore up their information assets, financial institutions are turning toward outsourcing their information security functions to third party processors. These outsourcing deals, which are often part of a larger IT...
In deciding to retain a managed security service provider, an organization needs to treat the potential action as a risk mitigation sharing decision. When weighing the risks, banks need to consider issues such as trust, dependence, and ownership.
Establishing a good working relationship and building trust between a...
Preparing for security incident investigations
Preparation is the most important phase of security incident investigations since most of the requirements previously discussed can't be addressed at the time the investigation is being conducted.
Preparations shall therefore address these requirements (what the...
The way security investigations are performed in banks is receiving more attention nowadays. In the past, general procedures and practices for incident response were acceptable. However, due to security trends and regulations that affect banks specifically, these institutions require slightly different approaches to...
About a year ago I was in process of trying to find an information security professional to augment existing staff. Our company used a personnel firm who specialized in placing contract IT and security professionals. It occurred to me that we weren't very circumspect about requiring background investigations before...
Security-naive machines are about to swarm onto your precious networks.
Brace yourself.
Brian McKenna is the editor of Infosecurity Today (www.infosecurity-magazine.com)
McKENNA: We know from surveying our readers that they are very focused on the medium term. In other words, what the security threats are going...
Cyber-criminals are targeting the most vulnerable access points within businesses - employees - to execute their attacks, a new study finds.
In its annual closely watched security report, IBM warns that although widespread virus outbreaks are on the decline, on the whole online attacks are expected to rise in 2006....
Biometrics, the use of electronically- stored records of physical identifiers that corroborate a person's identity, is now moving out of the realms of fiction and into everyday life. Already there are reports that more than 60 hospitals in the UK use fingerprint technology to access patient files. Commercially, the...
New Trojans Target Bank Accounts
A new breed of malicious software doesn't even bother to steal victims' bank-account numbers and passwords - it simply lies in wait until they log into their account, then transfers money out. That warning comes from anti-virus technologists from MessageLabs, a security firm. These...
There are many unpleasant tasks in life and work. Monitoring employee behavior is one of those unpleasant tasks. Management has to take a strong role in insuring that liability does not come the company's way, i.e., Risk Management. New regulations hold management responsible for employee behavior which can cause the...
The CSO Magazine Security Sensor, a bi-annual survey of 420 chief security officers (CSOs) and senior security executives conducted by IDG's CSO magazine, reveals business resiliency and disaster recovery as the top ranking priority for security chiefs in 2006 - up from the third most important priority in 2004. ...
The contract management software market is moving toward a merger and acquisition spree. Choosing the right vendor can be a risky proposition. This does not mean organizations should delay a contract management purchase. Instead, it means decision makers should carefully weigh the pros and cons of purchasing an Oracle...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.