Nearly four out of five technology professionals believe employees are putting their companies at risk by failing to act safely online, according to new research.
In a study by anti-virus firm Sophos, 79% of the IT workers polled said that in spite of their group’s instructions, many employees continue to...
Information systems capture, process, and store information using a wide variety of media. This information is located not only on the intended storage media but also on devices used to create, process, or transmit this information. This media may require special disposition in order to mitigate the risk of...
Recent and current pressures on IT security managers in publicly quoted companies to tick regulation boxes have about five more years to run. NetIQ security strategist Chris Pick believes that the discipline of risk management, taking companies beyond mere compliance, is "not there yet†as a driver of IT...
While the “human element” of information security may be easy to ignore; ignoring it is also dangerous and costly. Of this there is ample evidence.
This report presents an organizational security approach that corporate security managers can use as a roadmap to initiate an effective employee security awareness...
This white paper identifies the products and architecture's needed to aid in the process of procuring the following:
-Identifying *Possible* Attack Vectors
-Reasearching and discovering system vulnerabilities
-Exploitating found Vulnerabilities
-Preparaing Test Cases
-Compilating Final Security Testing...
Some security practitioners react to new technologies with panic and the issuance of stern edicts against using USB drives/PDAs/EVDO cards/wireless LANs, etc. Stop and take a deep breath. In most cases, users have a legitimate need to fill. It is your job to find a way for them to fill that need safely, not to keep...
According to a Harris Interactive survey of U.S. office workers, 68% of employees have sent or received e-mails that could pose a risk to their company.
The survey shows that even if you think you’re e-mailing out a harmless joke, gossip, or innocent information about your company, you could be putting...
Determining if a candidate possesses the skills necessary to fill an information security position effectively before hiring him/her is not a trivial task. There are many methods one can use to gauge the effectiveness of a candidate's background.
It is important to note that for some positions, it might be very...
Organizations publish information online including confidential data. Data is rendered in varied formats; it can vary from simple HTML pages to documents in Adobe's PDF or Microsoft's Word/Excel formats. Confidential data is restricted to a set of users who have to login and be authenticated on the website. A common...
This paper discusses and analyzes the internet-based, password reset functionality provided by many organizations for their customers. The average application user is being forced to remember more and more complex passwords to accomplish their daily routines. The very nature of complex passwords, sometimes results in...
Andrew Miller- BankInfoSecurity.com Editor
The year 2005 will likely go down in history as the year of the data security breach. It was a year in which CardSystems Solutions Inc. revealed a security breach that exposed data on potentially more than 40 million payment-card accounts. DSW Shoe Warehouse disclosed the...
Omar Herrera
Information security personnel in Banks
Banks have specific requirements for the experience and abilities of their information security personnel. However, it is becoming harder for qualified professionals to satisfy requirements from these institutions.
While information security personnel can be...
The financial services industry increasingly relies on information technology (IT) service providers
(“Service Providers”) to support the delivery of financial services. This shift in the delivery of
financial services, coupled with the deployment of new and dynamic technologies, has resulted in
heightened...
I. OVERVIEW
According to the August 2004 U.S. Secret Service and CERT® Coordination Center’s Insider
Threat Study: Illicit Cyber Activity in the Banking and Finance Sector:
… (The fact that) over one quarter of the insiders had a criminal record prior to their
incidents underscores the importance of looking...
I. EXECUTIVE SUMMARY
Check fraud is a growing industry problem. Nearly 20 percent of super-regional banks incurred more
than $20 million in check fraud-related operating expenses in 2001.1 In order to enable the industry
to resolve breach of presentment warranty claims expeditiously and in a way that is fair,...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.