One of the tricks of my trade is to see the forest for the trees. Which is to say that with what our practice encounters during fieldwork, what we hear from the regulatory agencies and what we read/hear about in the news, we need to correlate and figure out what it all means. We then need to apply that toward the...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Say, you need to hire your next CISO. Do you hire a security executive who can learn banking, or a banking executive who can pick up the necessary security skills?
When a Dallas, TX bank needed some help to stop unauthorized data, it pulled out the biggest guns it could locate to stop the data leaking out of its networks.
The choice was a natural progression of what the bank was already doing to stop data loss, according to Omni American Bank's Chief Information Officer Tony...
Mobile banking, Web 2.0, remote check capture - they're among the emerging technologies that appeal most to banking institutions. The key driver: the chance to offer more services to customers, and also cut costs through the further automation of banking transactions.
We recently spoke with leaders of the top...
Finally, it's your turn to have your say.
Since first joining Information Security Media Group late last summer, one of my primary goals has been to debut a blog for BankInfoSecurity.com and CUinfoSecurity.com.
Today, proudly, I'm able to announce the launch of not just one blog, but five - with more to come in...
On one hand, this step does show that the business has made a conscientious effort to plug a major security hole.
But on the other, can't you see that first lawsuit filed by a breached customer saying "Hey, you gave me this stuff and said my PC was safe ...?"
There was one thing that always bugged Steve Jones when he thought about customer data protection at his credit union - email via the Internet.
Email is so ubiquitous -- essential to communications both within the institution and with the outside world, including customers. But it's also fraught with security...
During March 2006, Mexican banking authorities established the use of a second factor authentication based on "dynamically generated information" -- in addition to username and password -- as a requirement for doing monetary operations through e-banking systems. This regulation allowed the use of one-time access code...
Information Security Media Group recently attended the Gartner IT Security Summit 2008 in Washington, D.C. where the theme of the conference was information security 5-10 years from now. We interviewed vendors on the floor of the expo hall and heard about solutions focusing on topics ranging from application security...
Philip Alexander, Information Security Officer at a Major US Financial Institution
Data leakage - it's one of subtle insider threats to information security at financial institutions. It's tough for leaders to know exactly where their critical data resides - never mind how it's being treated when it leaves the...
Data loss prevention (DLP) is a challenge for institutions of all sizes. But not all banking/security leaders understand the scope of the threat, where it originates and how best to eradicate it. In this interview, DLP expert Jared Thorkelson discusses:
What's most misunderstood about DLP;
The greatest sources of...
Interview with DLP Expert Jared Thorkelson
Data loss prevention (DLP) is a challenge for institutions of all sizes. But not all banking/security leaders understand the scope of the threat, where it originates and how best to eradicate it. In this interview, DLP expert Jared Thorkelson discusses:
What's most...
The hackers that broke into Hannaford Brothers, a northeast U.S. grocery chain, may have spawned other attacks, including one at Okemo Resorts in Ludlow VT. As law enforcement and forensic experts continue to sift through the evidence of these attacks, the retailer and the ski resort remain mum on further...
Risk management and the insider threat.
These are the two dominant themes emerging from the conversations and presentations at the RSA Conference in San Francisco this week.
From the keynote stage to the expo floor, with stops in between at the program sessions, information security experts, vendors and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
