The OCC recently issued a bulletin (2008-16) in which it targets application security and the need for banking institutions to properly address application security "whether internally developed, vendor-acquired, or contracted for." I for one am relieved.
There was one thing that always bugged Steve Jones when he thought about customer data protection at his credit union - email via the Internet.
Email is so ubiquitous -- essential to communications both within the institution and with the outside world, including customers. But it's also fraught with security...
During March 2006, Mexican banking authorities established the use of a second factor authentication based on "dynamically generated information" -- in addition to username and password -- as a requirement for doing monetary operations through e-banking systems. This regulation allowed the use of one-time access code...
EDITOR'S NOTE: This is the first installment of an occasional series summarizing key banking/security regulatory documents.
The Business Continuity Planning manual is part of the IT Examination Handbook from Federal Financial Institutions Examination Council (FFIEC). The March 2008 version of the BCP manual has...
Interview with Nalneesh Gaur, Chief Information Security Architect, Diamond Management & Technology Consultants
Mergers and acquisitions are a way of life for financial institutions, and so many pertinent business issues bubble up whenever an M&A is discussed.
But when does information security enter the...
As of Oct. 1, U.S. banking institutions have just one month to come into compliance with the Identity Theft Red Flags Rule, which mandates new levels of ID Theft program management, training and awareness.
Register for this webinar to get your first glimpse at the new regulatory examination procedures for this...
The blaring headlines about New York Governor Eliot Spitzer's fall from power brought the public's attention to a relatively hidden group of people that financial institutions must keep their eyes on - the politically exposed person (PEP).
Are banks and credit unions required to monitor PEPs? The answer is "Yes" or...
Understanding the trends and patterns of the past is the key to understanding the future, and security is no exception. The following security threat trends for 2008 have been assembled as a result of their frequency during security audits performed last year. These common and fundamental security issues typically...
The public service announcement used to appear on television screens every night, it seemed, when I was growing up. The announcer would speak in a deep voice, "IT'S 10 p.m., do YOU know where YOUR CHILDREN ARE?" Looking around, my parents would sigh a deep breath of relief, knowing that we children were either in our...
Imagine the scenario: Your institution has a customer who does all of his banking online -- bill pay, transfers, account balances. This customer calls after seeing an unauthorized transaction. After tracing the account transfers, which were wired overseas, you find the customer's computer loaded with crimeware. Your...
In case you missed it - because it wasn't a huge headline anywhere - here's a bit of news about First Pryority Bank, a 108-year-old community bank based in Pryor, OK.
Well, first a bit of background. First Pryority was founded in 1900 by W.A. Graham,
Just over two years ago, Brian Huntley arrived at Camden National Bank in Maine, charged with responding to regulatory guidance and transforming the bank's information security risk assessment program from one that was threat-based to one that is now asset-based.
Interview with Brian Huntley, VP & ISO, Camden National Bank
Just over two years ago, Brian Huntley arrived at Camden National Bank in Maine, charged with responding to regulatory guidance and transforming the bank's information security risk assessment program from one that was threat-based to one that is now...
Interview with Kim Matlon, Business Continuity/Crisis Management Expert
Workplace violence - it's one of the most common but least understood risks to all businesses.
From robberies gone awry to bullies in the workplace to domestic anger spilling over from home, the workplace is rife for violent situations. In...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
