I'm out in the field this week conducting a series of services for one our clients. At the moment I'm heavily focused on completing a draft of a new vendor management program for them to implement. Although we have a standard methodology that's been used by the practice for several years, I've taken it upon myself...
This week's arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit card numbers may be only the "tip of the iceberg," security experts say.
In the largest identity theft case ever prosecuted by the US Department of Justice, 11 alleged hackers from around the globe face up to life in...
Identity theft red flags, business continuity planning, vendor management - these topics all have received fresh attention from the regulatory agencies this year. And with more to come before year's end.
So, as a way to both reflect and project, we take a look at the Top 6 Regulatory Issues of 2008 - and identify...
In a month of bad news for banking (see recent stories about IndyMac Bank and other failures), our recent series of articles and insights on Gramm-Leach-Bliley Act (GLBA) compliance delivers a reassuring message: Banking institutions are making progress in safeguarding customer information.
A "progressive learning...
The recent release of a University of Michigan study on the security flaws of online banking websites brings attention to the often overlooked area of web application security.
In this exclusive interview, Jeremiah Grossman of WhiteHat Security shares his insights on the importance of web application security for...
Last month I wrote several articles on GLBA compliance, and I asked several people I know who are fluent in these issues what are some of the most common questions they face on GLBA as a security manager or assessor at the institutions they either work at or are assessing?
During my formative years, I developed a tendency to spend considerable time trying to figure out ways to circumvent the myriad systems teenagers and young adults are confronted with. So much of what was expected of me just didn't make sense, and I didn't want to simply go-along-to-get-along. My father would often...
Only half of U.S. banking institutions will beat the Nov. 1 deadline for compliance with the Identity Theft Red Flags Rule.
This is the key finding of this survey aimed at gauging the success of institutions' efforts to meet the terms of the new regulatory mandate. The survey, administered electronically in June,...
I was in shock, I could not believe such a headline made front page news on Digg.com. I didn't think anyone would believe me; I had to take a screenshot! OK, OK, I may be exaggerating a bit - however I can say that as much as I visit Digg.com, rarely do I see something that has implications to banking and...
Business continuity planning (BCP) is a key element to Gramm-Leach-Bliley Act (GLBA) compliance, but compliance alone isn't enough to sustain a business in the wake of disaster.
Given recent guidance on business continuity in general, pandemic planning in particular, we caught up with a pair of industry experts to...
Interview with Tom Field, Editorial Director at Information Security Media Group
As Nov. 1 looms, Identity Theft Red Flags Rule compliance is an absolute must for financial institutions. Information Security Media Group recently surveyed 300 banking and credit union leaders to gauge their progress toward...
I've told this story before about Michael Barrett, CISO of PayPal. When he joined the company, he asked how senior leaders were fighting the phishing problem.
"Technically, we don't have a phishing problem," he was told.
Want a fun exercise?
Go to Google News and type in "banks, confidence" - see what results you get.
These words are top-of-mind for all of us, of course, in the wake of the IndyMac Bank failure . Customer confidence is almost like the stock market - on a daily basis, we wonder whether it's up or down.
Even...
More than 75 percent of bank webites in a recent survey have at least one design flaw that could make customers vulnerable to cyber thieves.
This according to a new University of Michigan study of online banking.
These design flaws stem from the flow and the layout of the websites, according to the study. Led...
Financial institutions should brace themselves for more malicious attacks, as the recent Threat Horizon 2010 report from the Information Security Forum (ISF) warns of an increase in such threats -- including attacks from organized crime and industrial espionage.
"In general, financial services probably represent...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.