Blog | Risk Management/Security

  Weblog Main   |     View Entries By Topic   |     View Entries By Date


Heartbleed: Making The Case For SDN
April 11, 2014 @ 09:40 AM | By Lori MacVittie- InformationWeek

Software-defined networking technology could help protect against vulnerabilities like Heartbleed. It's time to develop a more mature SDN option.

continued...
Comment on this blog entry


Bitcoin, Meet Darwin: Crypto Currency's Future
March 13, 2014 @ 10:07 AM | By Matthew Schwartz- InformationWeek

First-movers rarely survive, but some experts see a real future for government-issued crypto currency.

continued...
Comment on this blog entry


Mobile Banking: Making Security and Convenience a Package Deal
February 28, 2014 @ 08:45 AM | By Todd Hawkins- CSC

The key to mobile security success is a multi-layered approach that enables companies to verify who their customers are and what they are authorized to do.

continued...
Comment on this blog entry


Mobile Commerce: The Next Fraud Frontier
February 04, 2014 @ 11:15 AM | By Bryan Yurcan

Mobile commerce continues to grow, but fraud prevention tactics in this channel need to grow at an equal pace as well.

continued...
Comment on this blog entry


Finding The Balance Between Compliance & Security
February 03, 2014 @ 11:53 AM | By Tom Bowers

IT departments can reduce security risks by combining the flexibility of ISO 27000 with the stringent requirements of PCI. Here's how.

continued...
Comment on this blog entry


Can Security Be More Than the Topic du Jour?
February 03, 2014 @ 11:37 AM | By Kathy Burger

Thanks to recent high-profile card and password breaches, security is a hot topic. Will this help banks protect critical information -- or make them an even more attractive target?

continued...
Comment on this blog entry


Yahoo Mail Passwords: Act Now
January 31, 2014 @ 11:02 AM | By Matthew Schwartz

Yahoo suffers hack attack, eyes third-party database and reused credentials as likely culprits, may enforce two-factor authentication to help users recover accounts.

continued...
Comment on this blog entry


Target Breach: Why Smartcards Won’t Stop Hackers
January 27, 2014 @ 09:22 AM | By Matthew Schwartz- InformationWeek

"Chip and PIN" smartcard adoption in the United States is long overdue. But the security improvement wouldn't have stopped Target's BlackPOS malware attackers

continued...
Comment on this blog entry


'Password' No Longer Worst Password
January 23, 2014 @ 09:27 AM | By Thomas Claburn- InformationWeek

The security firm SplashData publishes its list of the 25 worst passwords of 2013.

continued...
Comment on this blog entry


How Breaking News Is Used To Plant Malware
December 17, 2013 @ 15:17 PM | By George Tubin- Trusteer

Spear-phishing -- where emails lure readers or customers of trusted institutions to compromised websites -- has become one of the main tools fraudsters use to compromise endpoints inside financial institutions.

continued...
Comment on this blog entry


How Banks Can Leverage Mobile Network Operators for Security
October 30, 2013 @ 11:15 AM | By Jonathan Camhi

Mobile network operators are starting to take steps to open up their security infrastructure for other enterprises to leverage.

continued...
Comment on this blog entry


Understanding The Banking System's Role In the Post-9/11 World
September 11, 2013 @ 08:44 AM | By Kathy Burger

A new book outlines the role the U.S. Treasury Department has played in the war on terrorism.

continued...
Comment on this blog entry


What Constitutes a Data Breach for Banks?
July 26, 2013 @ 13:09 PM | By Deena Coffman- IDT911 Consulting

Many employees, even those who are technically savvy, do not recognize as reportable events the situations that commonly result in a data breach.

continued...
Comment on this blog entry


How to Protect Your Bank From an Information Heist
July 19, 2013 @ 11:51 AM | By Jason Thompson- SSH Communications Security

While secure shell is widely considered the benchmark for data-in-transit security, the current threat landscape requires banks and other financial organizations to reconsider how they are managing access to their encrypted networks.

continued...
Comment on this blog entry


Getting the Customer Involved in Fraud Prevention
July 02, 2013 @ 10:59 AM | By Jonathan Camhi

Banks need to get their customers actively involved in their fraud prevention efforts as customers may be willing to switch institutions if they feel left in the dark about those efforts.

continued...
Comment on this blog entry


4 Things Banks Need To Know About DDoS Attacks
June 25, 2013 @ 18:02 PM | By Avi Rembaum and Daniel Wiley- Check Point Software Technologies

To cope with an increased number of large distributed denial of service attacks, banks must not only have plans in place -- they should consider a broad set of defensive tools that combine on-premise technologies and cloud-based scrubbing services.

continued...
Comment on this blog entry


Financial Security: Learning From DDoS Attacks (Part 2)
June 25, 2013 @ 00:02 AM | By Rodney Joffe- Neustar

With more 7,000 distributed denial of service attacks daily, it’s only a matter of time before even smaller banks and credit unions are targeted. Here are more lessons smaller institutions learn from the big banks.

continued...
Comment on this blog entry


What Smaller Financial Institutions Can Learn From DDoS Attacks on Big Banks
June 23, 2013 @ 21:56 PM | By Rodney Joffe- Neustar

The experiences of big U.S. banks that were targeted with large denial of service attacks this past year could provide valuable lessons for smaller firms as they seek to minimize risks.

continued...
Comment on this blog entry


Q&A: Banks Must Take a Holistic Approach to Cybersecurity
May 16, 2013 @ 10:37 AM | By Bryan Yurcan

As cybercrime becomes more prevalent, due to the widespread access to technology that criminals now have, banks must remain eternally vigilant, says Booz Allen Hamilton's Bill Stewart.

continued...
Comment on this blog entry


Don’t Break the Bank: Back up Your Files
May 10, 2013 @ 13:03 PM | By Michael Krutikov- Symantec

The loss of sensitive and confidential information, be it by theft, accident or natural disaster, can be devastating.

continued...
Comment on this blog entry