Want a fun exercise?
Go to Google News and type in "banks, confidence" - see what results you get.
These words are top-of-mind for all of us, of course, in the wake of the IndyMac Bank failure . Customer confidence is almost like the stock market - on a daily basis, we wonder whether it's up or down.
Even...
More than 75 percent of bank webites in a recent survey have at least one design flaw that could make customers vulnerable to cyber thieves.
This according to a new University of Michigan study of online banking.
These design flaws stem from the flow and the layout of the websites, according to the study. Led...
When most people hear "Social Engineering," they think of the criminal aspects of the term. But the practice also has professional applications for security practitioners who want to help test and improve organizations' security practices.
Social Engineering is the act of gaining unauthorized access to systems or...
One of the tricks of my trade is to see the forest for the trees. Which is to say that with what our practice encounters during fieldwork, what we hear from the regulatory agencies and what we read/hear about in the news, we need to correlate and figure out what it all means. We then need to apply that toward the...
Financial institutions should brace themselves for more malicious attacks, as the recent Threat Horizon 2010 report from the Information Security Forum (ISF) warns of an increase in such threats -- including attacks from organized crime and industrial espionage.
"In general, financial services probably represent...
Some U.S. senators don't just want to make the news, they want to be front and center in the headlines. Charles Schumer, U.S. Senator from New York, is the latest headline maker.
Chuck Schumer's letters in late June to banking agencies inquiring about the stability and strength of IndyMac bank -- prior to the...
Talk about a harmonic convergence.
Just as the major banking regulatory agencies went before the Senate committee recently to deliver their "State of the Banking Industry" addresses, I was sitting back and starting to think about drafting the questions for our next State of Banking Information Security survey.
I no sooner finished my most recent post on Business Continuity Planning, and we (BIS) published the transcript of a podcast conducted with Roger Batsel CISO Interviews: Roger Batsel, Republic Bank, on Business Continuity/Disaster Recovery), SVP, Managing Director of Information Systems at Republic Bank, Louisville,...
Whenever family or friends or otherwise ask what I do or what kind of company I work for, I always take the opportunity to start off with a question: Do you know what "information security" is? I do not expect much, as I myself could not quite give a clear definition before working in the position I hold now. No one...
When an institution's focus turns to compliance with the Gramm-Leach-Bliley Act (GLBA), questions always pop up -- What should the institution's core GLBA program include; who should be involved; what kind of information is needed, and what should be prepared for an assessment?
We've asked industry...
Just the other night, I was watching the 1958 classic movie about the sinking of the Titanic. You know, the one that told the straight story before Leonardo DiCaprio and Kate Winslet's steamy romantic version?
My recent post on Business Continuity Planning and its role in supporting institutions affected by the recent Midwest flooding generated more than its fair share of dialogue with my peers.
So much of what's required by regulation often presents itself as a documentation exercise and rarely transcends the...
Was it the largest synchronized security update in the history of the Internet?
On Tuesday, a coordinated patch was released by security researcher Dan Kaminsky of IO Active, fixing a vulnerability that exists in all Domain Name System (DNS) servers.
What does that mean for financial institutions? Patches are...
Early this year, I caught up with Steve Katz, the dean of banking CSO's (see Stephen Katz on Top InfoSec Issues of 2008), and he had some interesting insights on the year's top challenges for banking institutions.
Remember when you were in school and you hadn't read the chapter like your American history teacher had instructed your class to do on Friday afternoon right before the last bell? It was springtime; who was paying attention to their school work? Who thought there might be a pop quiz on Monday afternoon?
Now, here...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
