To me, this is one of the sleeper stories of the year.
The ID Theft Red Flags Rule, Business Continuity and Anti-Money Laundering have dominated the headlines - and banking/security priorities. But recent attention paid to Application Security has the potential to fuel one major fire drill in 2009.
Everyone was watching the Olympics this past month and saw lots of records being broken. But there is one record no one want to be included in -- the record number of 449 data breaches that have happened (and been made public) and recorded by the Identity Theft Resource Center.
Unfortunately for some unlucky...
GLBA who? Bank Secrecy what? Insider Threat?...is that something mob-related?
Your customers may not even know your institution is examined for security compliance by the banking regulatory agencies, and so most likely will have never even heard about the ID Theft Red Flags Rule and the impending November 1 ...
So, I'd started my weekly blog entry intending to discuss application security (I'm keenly interested in what the just-released BIS survey is going to reveal) when the following headline came across on my BIS RSS feed "Social Engineering Hits Brit Bank Head, Victim of Fraud."
You'll have to forgive me for being so...
Maybe the Countrywide television ads that constantly run on cable news shows I watch on weekends will now tout, "Finance your mortgage with Countrywide, and have your identity stolen at the same time for mere pennies."
The recent arrest of a former Countrywide employee in the insider identity theft case, where an...
The OTS released their examination procedures this past week for the looming ID Theft Red Flags requirements due to go into effect in 75 days (not that I'm counting). In discussing this both with members of our management team and fellow practitioners, I'm finding that there's a decided split as to what the impact is...
To me, it was a given.
In the wake of recent news of IndyMac and other bank failures, it seemed safe to say that U.S. banking institutions were dealing with a bit of a crisis of confidence. I mean, I didn't imagine that line of anxious customers outside IndyMac, did I?
But then I got a recent note from a...
I'm out in the field this week conducting a series of services for one our clients. At the moment I'm heavily focused on completing a draft of a new vendor management program for them to implement. Although we have a standard methodology that's been used by the practice for several years, I've taken it upon myself...
Last month I wrote several articles on GLBA compliance, and I asked several people I know who are fluent in these issues what are some of the most common questions they face on GLBA as a security manager or assessor at the institutions they either work at or are assessing?
During my formative years, I developed a tendency to spend considerable time trying to figure out ways to circumvent the myriad systems teenagers and young adults are confronted with. So much of what was expected of me just didn't make sense, and I didn't want to simply go-along-to-get-along. My father would often...
I was in shock, I could not believe such a headline made front page news on Digg.com. I didn't think anyone would believe me; I had to take a screenshot! OK, OK, I may be exaggerating a bit - however I can say that as much as I visit Digg.com, rarely do I see something that has implications to banking and...
Want a fun exercise?
Go to Google News and type in "banks, confidence" - see what results you get.
These words are top-of-mind for all of us, of course, in the wake of the IndyMac Bank failure . Customer confidence is almost like the stock market - on a daily basis, we wonder whether it's up or down.
Even...
When most people hear "Social Engineering," they think of the criminal aspects of the term. But the practice also has professional applications for security practitioners who want to help test and improve organizations' security practices.
Social Engineering is the act of gaining unauthorized access to systems or...
One of the tricks of my trade is to see the forest for the trees. Which is to say that with what our practice encounters during fieldwork, what we hear from the regulatory agencies and what we read/hear about in the news, we need to correlate and figure out what it all means. We then need to apply that toward the...
Some U.S. senators don't just want to make the news, they want to be front and center in the headlines. Charles Schumer, U.S. Senator from New York, is the latest headline maker.
Chuck Schumer's letters in late June to banking agencies inquiring about the stability and strength of IndyMac bank -- prior to the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
