This week's arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit card numbers may be only the "tip of the iceberg," security experts say.
In the largest identity theft case ever prosecuted by the US Department of Justice, 11 alleged hackers from around the globe face up to life in...
Identity theft red flags, business continuity planning, vendor management - these topics all have received fresh attention from the regulatory agencies this year. And with more to come before year's end.
So, as a way to both reflect and project, we take a look at the Top 6 Regulatory Issues of 2008 - and identify...
In a month of bad news for banking (see recent stories about IndyMac Bank and other failures), our recent series of articles and insights on Gramm-Leach-Bliley Act (GLBA) compliance delivers a reassuring message: Banking institutions are making progress in safeguarding customer information.
A "progressive learning...
The recent release of a University of Michigan study on the security flaws of online banking websites brings attention to the often overlooked area of web application security.
In this exclusive interview, Jeremiah Grossman of WhiteHat Security shares his insights on the importance of web application security for...
Only half of U.S. banking institutions will beat the Nov. 1 deadline for compliance with the Identity Theft Red Flags Rule.
This is the key finding of this survey aimed at gauging the success of institutions' efforts to meet the terms of the new regulatory mandate. The survey, administered electronically in June,...
Interview with Tom Field, Editorial Director at Information Security Media Group
As Nov. 1 looms, Identity Theft Red Flags Rule compliance is an absolute must for financial institutions. Information Security Media Group recently surveyed 300 banking and credit union leaders to gauge their progress toward...
I've told this story before about Michael Barrett, CISO of PayPal. When he joined the company, he asked how senior leaders were fighting the phishing problem.
"Technically, we don't have a phishing problem," he was told.
In the face of regulatory requirements and emerging security threats, banking institutions must consider the policies and procedures necessary for proper retention of audit reports, papers and logs.
Register for this webinar for an overview of the contractual, legal and regulatory compliance requirements for...
Talk about a harmonic convergence.
Just as the major banking regulatory agencies went before the Senate committee recently to deliver their "State of the Banking Industry" addresses, I was sitting back and starting to think about drafting the questions for our next State of Banking Information Security survey.
Whenever family or friends or otherwise ask what I do or what kind of company I work for, I always take the opportunity to start off with a question: Do you know what "information security" is? I do not expect much, as I myself could not quite give a clear definition before working in the position I hold now. No one...
When an institution's focus turns to compliance with the Gramm-Leach-Bliley Act (GLBA), questions always pop up -- What should the institution's core GLBA program include; who should be involved; what kind of information is needed, and what should be prepared for an assessment?
We've asked industry...
Was it the largest synchronized security update in the history of the Internet?
On Tuesday, a coordinated patch was released by security researcher Dan Kaminsky of IO Active, fixing a vulnerability that exists in all Domain Name System (DNS) servers.
What does that mean for financial institutions? Patches are...
Early this year, I caught up with Steve Katz, the dean of banking CSO's (see Stephen Katz on Top InfoSec Issues of 2008), and he had some interesting insights on the year's top challenges for banking institutions.
The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
