I've told this story before about Michael Barrett, CISO of PayPal. When he joined the company, he asked how senior leaders were fighting the phishing problem.
"Technically, we don't have a phishing problem," he was told.
Want a fun exercise?
Go to Google News and type in "banks, confidence" - see what results you get.
These words are top-of-mind for all of us, of course, in the wake of the IndyMac Bank failure . Customer confidence is almost like the stock market - on a daily basis, we wonder whether it's up or down.
Even...
More than 75 percent of bank webites in a recent survey have at least one design flaw that could make customers vulnerable to cyber thieves.
This according to a new University of Michigan study of online banking.
These design flaws stem from the flow and the layout of the websites, according to the study. Led...
It could be the draft of an important document that sits on the desktop of an employee's computer, or it could be the excel spreadsheet with sensitive information that an employee took home to work on, then copied onto their home PC. Documents such as these are hiding out in a financial institution as "unstructured...
One of the tricks of my trade is to see the forest for the trees. Which is to say that with what our practice encounters during fieldwork, what we hear from the regulatory agencies and what we read/hear about in the news, we need to correlate and figure out what it all means. We then need to apply that toward the...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Say, you need to hire your next CISO. Do you hire a security executive who can learn banking, or a banking executive who can pick up the necessary security skills?
When a Dallas, TX bank needed some help to stop unauthorized data, it pulled out the biggest guns it could locate to stop the data leaking out of its networks.
The choice was a natural progression of what the bank was already doing to stop data loss, according to Omni American Bank's Chief Information Officer Tony...
Mobile banking, Web 2.0, remote check capture - they're among the emerging technologies that appeal most to banking institutions. The key driver: the chance to offer more services to customers, and also cut costs through the further automation of banking transactions.
We recently spoke with leaders of the top...
Finally, it's your turn to have your say.
Since first joining Information Security Media Group late last summer, one of my primary goals has been to debut a blog for BankInfoSecurity.com and CUinfoSecurity.com.
Today, proudly, I'm able to announce the launch of not just one blog, but five - with more to come in...
On one hand, this step does show that the business has made a conscientious effort to plug a major security hole.
But on the other, can't you see that first lawsuit filed by a breached customer saying "Hey, you gave me this stuff and said my PC was safe ...?"
There was one thing that always bugged Steve Jones when he thought about customer data protection at his credit union - email via the Internet.
Email is so ubiquitous -- essential to communications both within the institution and with the outside world, including customers. But it's also fraught with security...
During March 2006, Mexican banking authorities established the use of a second factor authentication based on "dynamically generated information" -- in addition to username and password -- as a requirement for doing monetary operations through e-banking systems. This regulation allowed the use of one-time access code...
Information Security Media Group recently attended the Gartner IT Security Summit 2008 in Washington, D.C. where the theme of the conference was information security 5-10 years from now. We interviewed vendors on the floor of the expo hall and heard about solutions focusing on topics ranging from application security...
Philip Alexander, Information Security Officer at a Major US Financial Institution
Data leakage - it's one of subtle insider threats to information security at financial institutions. It's tough for leaders to know exactly where their critical data resides - never mind how it's being treated when it leaves the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.