Andrew Miller is a freelance writer specializing in financial services and information technology. He holds an MBA from Columbia University and a Master's in computer science from Rensselaer Polytechnic Institute. He has held jobs at CMP Media, MetLife, and Gartner.
Forensic Analysis Helps Solve the CrimeIn the event of a data break-in, forensic analysis -- the use of scientific techniques to investigate crimes -- is needed for various tasks, including: - investigating crimes and inappropriate behavior,- reconstructing computer security incidents,- troubleshooting operational...
The latest disclosure of a data breach involving financial information points up the need for a comprehensive response program, including complying with federal and state notification laws. Fidelity National Information Services revealed in July that a former employee of its Certegy check processing unit stole...
Curtis Moroney, systems administrator at Mississippi-based Britton & Koontz Bank, had been dealing with spam-related issues for almost ten years and had seen the problem get progressively worse
To create an effective information security incident response capability, banks need to first understand where they are in terms of security readiness. Benchmarking the information security program is one of the most difficult and important tasks a chief information security officer will face. That task has gotten...
Financial institutions need intrusion detection systems that incorporate wireless
The biggest credit-card hacking incident in history exploited a weakness in wireless network security that could have easily been fixed. The lesson for financial institutions is to plug all such weaknesses before wrongdoers discover...
Financial institutions need intrusion detection systems that incorporate wireless
The biggest credit-card hacking incident in history exploited a weakness in wireless network security that could have easily been fixed. The lesson for financial institutions is to plug all such weaknesses before wrongdoers discover...
One of the best ways financial institutions have of protecting critical infrastructure is to monitor system logs, which contain a gold mine of information about the health of the network. Network devices such as servers, routers, firewalls, wireless access points, and antivirus systems all generate log data, which...
Given the high cost of containing information security breaches, financial institutions have invested lots of time and money into developing incident response programs. But how do they know if their program is working properly?
The Check Clearing for the 21st Century Act (Check 21) has created new opportunities for financial institutions and customers. By eliminating the need to transport paper checks, remote check capture can provide significant cost savings for financial institutions. Customers benefit as well: retail customers can receive...
The revelation by TJX Companies, owner of T.J. Maxx and other retail brands, that at least 45.7 million credit and debit cards were compromised over several years highlights anew the risks associated with processing card transactions and the need to protect the information they contain.The breach eclipses the previous...
The financial services industry is one of the most highly regulated and closely supervised among those handling sensitive consumer information. Besides being subject to security breach disclosure laws at the state and federal levels, it must comply with industry-specific laws and regulations related to information...
Banks are attracted to Voice over Internet protocol (VoIP) as an alternative to traditional telephone networks because of the potential cost savings, including elimination of long distance charges and the need for only one network to manage both voice and data. However, VoIP entails increased data security risks,...
In 2006, the Federal Financial Institutions Examination Council (FFIEC) issued a revised version of the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual. The manual has been updated to incorporate regulatory changes since the manual was first released in 2005 and to clarify supervisory expectations....
Securing the network against intrusion is more than complying with the Federal Financial Institutions Examination Council’s mandate for strong authentication—although it’s certainly that. It also makes good business sense. Financial institutions that implement information security technology and...
A Business Continuity Plan (BCP) is the process whereby financial institutions ensure the maintenance or recovery of operations, including services to customers, when confronted with adverse events such as natural disasters, technological failures, human error, or terrorism.
The objectives of a BCP are to minimize...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.