Preliminary results of the nationwide pandemic exercise for the financial services industry were released recently, and show that while the industry itself is among the most prepared, there is still much work to be done for individual institutions to be fully prepared for a true pandemic disaster.
Michael Jackson, Associate Director of Technology Supervision of the FDIC, provides early data on the impact of the recent California wildfires, including:
Number of banks and other FDIC-supervised institutions impacted;
Specific guidance on what the FDIC expects in a business continuity plan;
Preview of the...
Interview with William Henley, Director of IT Risk Management, Office of Thrift Supervision (OTS)
In this interview, Henley discusses the impact of the California wildfires and reports on the number of thrifts that activated their incident management and disaster recovery plans. Henley also discusses the critical...
Steven Jones is the Director of Information Security for Synovus, a bank holding company with 39 banks in the Southeast United States. In this podcast interview, Mr. Jones discusses the comprehensive risk management process he created, which provides best-in-class residual risk reporting and metrics. He discusses...
Best-Practices for Getting Across the Right Messages
The board members at a financial institution are responsible for oversight and implementation of a sound security program, including the overall guidance and direction of setting a cultural value related to risk awareness, driving policy and strategy, defining a...
Forensic Analysis Helps Solve the Crime
In the event of a data break-in, forensic analysis -- the use of scientific techniques to investigate crimes -- is needed for various tasks, including:
- investigating crimes and inappropriate behavior,
- reconstructing computer security incidents,
- troubleshooting operational...
Incident Response Starts With a Comprehensive – and Tested – Plan of Action
It’s 3 a.m., and your cell phone is buzzing off the bedroom dresser. Your boss is calling to tell you that the network servers that support your institution’s online banking site have been offline for the last two...
Steps to Take Against Phoned-in Threats
The recent “hostage” by phone scam that hit numerous retail stores and several banks in more than four states points to a question for other financial institutions that were not targeted. (See FBI notice:...
The latest disclosure of a data breach involving financial information points up the need for a comprehensive response program, including complying with federal and state notification laws. Fidelity National Information Services revealed in July that a former employee of its Certegy check processing unit stole...
When your regulator comes to your institution during your next examination, will your incident response plan be your Achilles’ heel? Ensuring your institution is ready to respond to any breach begins with the development of a response team.
Under the interpretive authority granted by the Gramm-Leach-Bliley...
To create an effective information security incident response capability, banks need to first understand where they are in terms of security readiness. Benchmarking the information security program is one of the most difficult and important tasks a chief information security officer will face. That task has gotten...
A phishing incident response plan for financial institutions isn’t written just for good business practice; it’s also a regulatory requirement.
While it is a challenge to put together an incident response plan that meets your regulator’s minimum requirements, you also want to have a well thought out...
Given the high cost of containing information security breaches, financial institutions have invested lots of time and money into developing incident response programs. But how do they know if their program is working properly?
Lessons learned from TJX and previous data breaches to improve data protection
Outline data protection regulations financial institutions face
What regulators expect financial institutions to have in place for data protection
Best practices in data protection from a regulator, banker and processor