As of Oct. 1, U.S. banking institutions have just one month to come into compliance with the Identity Theft Red Flags Rule, which mandates new levels of ID Theft program management, training and awareness.
Register for this webinar to get your first glimpse at the new regulatory examination procedures for this...
The blaring headlines about New York Governor Eliot Spitzer's fall from power brought the public's attention to a relatively hidden group of people that financial institutions must keep their eyes on - the politically exposed person (PEP).
Are banks and credit unions required to monitor PEPs? The answer is "Yes" or...
Understanding the trends and patterns of the past is the key to understanding the future, and security is no exception. The following security threat trends for 2008 have been assembled as a result of their frequency during security audits performed last year. These common and fundamental security issues typically...
Just when you thought PCI deadlines were behind you ...
The deadline for compliance with requirement 6.6 of the Payment Card Industry Data Security Standard (PCI DSS) is June 30. This requirement describes security steps that are intended to address threats to web applications.
But industry analysts project...
The road to PCI compliance for retailers and financial institutions may have many wrecks along the way. But there are also some solid best-practices to lead the way for PCI laggards, says David Taylor, Research Director at the PCI Alliance.
What makes one company a compliance leader and another a loser when it...
Do you know what privileged users are doing on your IBM AS/400 (System i) servers?
Many banks running banking applications such as FiServ or Jack Henry store their most critical data on AS/400 servers. One of the most common security lapses uncovered in System i and AS/400 audits is too many people with access to...
An unencrypted backup tape is missing from the Bank of New York Mellon, potentially exposing information on 4.5 million customers of that bank and of People's United Bank of Bridgeport, CT.
The missing tape contains social security numbers and bank account information on 4.5 million customers - including several...
New Hampshire customers of TD BankNorth were notified earlier this week that their Visa debit or credit cards have been compromised, and the likeliest culprit is the recent Hannaford Brothers Supermarkets security breach.
"We became aware during the last few days that there was some fraudulent activity on some of...
Phishing, vishing, whaling - there are a growing number of electronic social engineering threats to unsuspecting consumers and their identities. Financial institutions and their customers increasingly are targets of these attacks. But they're also fighting back.
Listen to this interview to hear:
What are the...
As financial institutions continue to migrate their services and operations online, the Office of the Comptroller of the Currency reminds national banks and their technology service providers about the importance of application security as a component of an information security program.
A new OCC bulletin...
At A Time When Preserving Customer Trust Is Critical, Financial Institutions Bank On Technology Solutions
The credit crisis and security threats have pushed financial institutions to step up their efforts to secure personal data and ensure their customers' trust.
Download this white paper for case studies of...
Let's cut to the chase: PCI compliance for retailers, banks and service providers is hard.
Michael Gavin, security strategist at Security Innovation, a PCI QSA and ASV assessment firm, offers his insights on PCI compliance struggles, i.e. the Hannaford breach, and the reality that there is no absolute security. A...
Social engineering is the ultimate con - the bag of tricks employed by fraudsters who will lie, cheat and steal their way past your organization's security controls. Their goals: theft, fraud or espionage. Your best line of defense: Your people.
Fraud incidents are on the rise - especially in financial services and...
The era of Suspicious Activity Reports (SARs) in the United States began with the Annunzio-Wylie Anti-Money Laundering Act of 1992, which required regulated financial institutions to report transactions that they suspected might involve illicit funds or purposes.
You may ask yourself every time you complete a SAR,...
Data security breaches add millions of dollars to bottom line expenses, but there is also the immeasurable cost of security breaches on your brand that affect future revenue and growth. Virtually every financial institution today exchanges large amounts of information both inside and outside the organization....