The Dutch company that was deceived by hackers into issuing fraudulent digital certificates is liquidating its assets under the protection of a bankruptcy court in the Netherlands after failing to recover from the attack.
With the Swiss bank offering new details about the severity of its trading scandal, industry experts share insights on risk management and the failure of systems and staff to detect unauthorized trades.
"We find a lot of security professionals saying, 'I'm just going to get another certification, or I'm going to get deeper into this technology skill,'" says researcher David Foote. "That's not going to get you very far."
International communication and public-private partnerships are the keys to cybersecurity in the financial space, according to the Department of Homeland Security and the Financial Services - Information Sharing and Analysis Center.
From 2004 to 2010, Latesha Brown used her privileges to accept and submit forged birth certificates, pay stubs and other documents to obtain loans at several institutions. How did she go undetected for so long?
"You can't have someone arrested for violating your policies," says former Bear Stearns CISO Jennifer Bayuk. "The question is: What did he do, and was there a policy that would have prevented the activity?"
The Reserve Bank of India issued guidance in April, 2011 for banks to mitigate the risks of use of information technology in banking operations. Here is an overview of the nine topics specifically addressed by the guidance.
"You need to understand how you are currently using social media in your organization, and how you intend to use it, before you can define policies around social media," says Erika Del Giudice of Crowe Horwath.