The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
Say, you need to hire your next CISO. Do you hire a security executive who can learn banking, or a banking executive who can pick up the necessary security skills?
I was talking the other day with a friend who works at an information security risk company. He shared with me the higher-level details of a physical penetration test on which he tagged along.
By now we've all heard the buzz term "Web 2.0" - but how many of you truly grasp what it means?
For some time, even those entrenched in Internet marketing and technologies struggled to define the term (brings to mind "GRC"), and nowadays it seems more appropriate to describe web 2.0 by giving examples of specific...
On one hand, this step does show that the business has made a conscientious effort to plug a major security hole.
But on the other, can't you see that first lawsuit filed by a breached customer saying "Hey, you gave me this stuff and said my PC was safe ...?"
With all due respect to the pugilist fan base still out there, the FDIC used a classic left-right combo this past week aimed squarely at the jaw of the third-party service provider community.
First Sheila C. Bair, the Chairman of the FDIC, touched on emerging guidance regarding third-party service providers in
It's not always easy to decide to stop doing business with a person or entity. In fact, it might be a decision that many bankers aren't willing to face. However, when an institution sees a growing amount of fraud losses on a customer's online banking account due to their negligence,
Let the countdown begin.
As of May 1, U.S. financial institutions have just six months left to comply with the new Identity Theft Red Flag Rules, which (among other things) mandate new levels of documentation, training and awareness.
Red Flags is one of the top regulatory priorities of the year, and for many...
OK, so not everybody's confidential information generates the same level of interest as Barack Obama's, Hillary Clinton's or John McCain's passport files.
But the latest State Department scandal nevertheless holds a relevant lesson for financial institutions: Be ever mindful of your customers' privacy....
If there's one single notion common to financial institutions of all sizes, it is confidence -the need to have shared trust with employees, partners and especially customers. Without this confidence, banking institutions cannot succeed.
And if there's one common theme emerging from the inaugural State of Banking...
If 2007 is any indication, then 2008 is going to be a wild year for financial institutions facing a slew of risk management issues.
Hanging like the sword of Damocles above all is the subprime mortgage crisis, which sees institutions looking for ways to avoid foreclosures and challenges surrounding underwriting....
You've seen the biggest stories and security incidents of 2007. Now here's a list of the most popular federal agency releases and regulations of the year.
Rebecca Herold, privacy expert
Many different types of privacy breaches continue to plague organizations and their third-party service providers. Hear Rebecca Herold discuss:
Data breach response plans – where are the holes?
Notification plans (or lack thereof)
How to involve and ensure the security...
Matthew Speare, Senior Vice President of Information Technology, M & T Bank Corporation, discusses the practical application of computer forensics in banking institutions, including:
How forensics has made a difference at his institution
How to establish your own forensics program
Advice for banking executives...
Mark Seward, CISSP and Director Product Marketing with Qualys, Inc., discusses GLBA compliance as it relates to vulnerability management at financial institutions. Insights include:
• Key GLBA compliance issues facing financial institutions;
• Examples of vulnerability management specific to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.