Best-Practices for Getting Across the Right Messages
The board members at a financial institution are responsible for oversight and implementation of a sound security program, including the overall guidance and direction of setting a cultural value related to risk awareness, driving policy and strategy, defining a...
Forensic Analysis Helps Solve the CrimeIn the event of a data break-in, forensic analysis -- the use of scientific techniques to investigate crimes -- is needed for various tasks, including: - investigating crimes and inappropriate behavior,- reconstructing computer security incidents,- troubleshooting operational...
Incident Response Starts With a Comprehensive – and Tested – Plan of Action It’s 3 a.m., and your cell phone is buzzing off the bedroom dresser. Your boss is calling to tell you that the network servers that support your institution’s online banking site have been offline for the last two...
Steps to Take Against Phoned-in ThreatsThe recent “hostage” by phone scam that hit numerous retail stores and several banks in more than four states points to a question for other financial institutions that were not targeted. (See FBI notice:...
The latest disclosure of a data breach involving financial information points up the need for a comprehensive response program, including complying with federal and state notification laws. Fidelity National Information Services revealed in July that a former employee of its Certegy check processing unit stole...
When your regulator comes to your institution during your next examination, will your incident response plan be your Achille’s heel? Ensuring your institution is ready to respond to any breach begins with the development of a response team.
Under the interpretive authority granted by the Gramm-Leach-Bliley...
To create an effective information security incident response capability, banks need to first understand where they are in terms of security readiness. Benchmarking the information security program is one of the most difficult and important tasks a chief information security officer will face. That task has gotten...
A phishing incident response plan for financial institutions isn’t written just for good business practice, it’s also a regulatory requirement too.
While it is a challenge to put an incident response plan that meets your regulator’s minimum requirements, you also want to have a well thought out...
Given the high cost of containing information security breaches, financial institutions have invested lots of time and money into developing incident response programs. But how do they know if their program is working properly?
Lessons learned from TJX and previous data breaches to improve data protection
Outline data protection regulations financial institutions face
What regulators expect financial institutions to have in place for data protection
Best practices in data protection from a regulator, banker and processor
The banking industry is one of the most highly regulated and closely supervised among those handling sensitive consumer information. Besides being subject to security breach disclosure laws at the state and federal levels, it must comply with industry-specific laws and regulations related to information security and...
The SANS Institute is the largest source for information security training and certification in the world. BankInfoSecurity.com recently interviewed Alan Paller, Director of Research for SANS and probed his views on information security and cyber threats facing financial institutions.
As Director of Research for...
During Howard Schmidt's remarkable career in public and corporate service, he has seen it all from the inside. He began his information security career in government in the U.S. Air Force and helped establish it's groundbreaking computer forensics lab. He then moved into law enforcement. Later he left public...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.