Remember when you were in school and you hadn't read the chapter like your American history teacher had instructed your class to do on Friday afternoon right before the last bell? It was springtime; who was paying attention to their school work? Who thought there might be a pop quiz on Monday afternoon?
Now, here...
Financial institutions are increasingly better prepared for a pandemic disaster, but cyber security attacks are a growing concern.
This is the message from the current and past chairmen of the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC).
George...
Comptroller of the Currency John C. Dugan this week told his agency's compliance examiners that they need to stay focused on compliance despite the industry's recent credit issues.
"We simply cannot take our eyes off compliance while we address safety and soundness," said >Dugan, speaking at the OCC Compliance...
We are in the process of analyzing data from the Identity Theft Red Flags survey we recently administered - a survey that aims to gauge the current readiness of financial institutions as they move toward complying with new guidance from the banking agencies regarding their identity theft prevention programs. Many of...
The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
The parent company of the Montgomery Ward website had at least 51,000 records stolen out of a database last December, but failed to notify its customers.
The breach, first detected by Citigroup, a financial services company, showed hackers found a way into HomeVisions.com, a separate website of Direct Marketing...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Keeping abreast of what's going on in the regulatory compliance domain is something I need to do. It's sort of the life-blood of my career these days, as I spend most of my time either managing or executing audit and assessment activities predicated upon the various regs. Beyond wanting to be certain that my clients...
Say, you need to hire your next CISO. Do you hire a security executive who can learn banking, or a banking executive who can pick up the necessary security skills?
Only half of U.S. banking institutions say they will beat the Nov. 1 deadline for compliance with the Identity Theft Red Flags Rule.
This is the key finding of a new survey aimed at gauging the success of institutions' efforts to meet the terms of the new regulatory mandate. The survey, administered in June by...
I was talking the other day with a friend who works at an information security risk company. He shared with me the higher-level details of a physical penetration test on which he tagged along.
So, how do the third-party service providers respond to regulatory pressure on financial institutions to improve vendor management?
The major banking regulatory agencies have sent a clear statement to the institutions they oversee: Do a better job of selecting, contracting with and managing your major vendors....
We've known for roughly six months now that the Identity Theft Red Flags Rule compliance deadline is Nov. 1, barely four months away. How close, then, are banking institutions to meeting that deadline?
That is the question of the summer, and the answer will be found in the results of our new Identity Theft Red...
Our insightful content just became a whole lot more interactive - and opinionated.
With the debut of five new blogs on BankInfoSecurity.com and CUinfoSecurity.com, Information Security Media Group (ISMG) is opening the floodgates to a whole new level of informed opinion and two-way communication with its vast...
I started scoping out my next blog entry with PCI in mind (and how it will likely find its way into the community-bank/credit union space in a few years) and was blind-sided by one of my favorite nits to pick recently: the risks presented by poorly managed third-party vendor relationships.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
