Comments
5 Myths About Bank IT Security
Newest First  |  Oldest First  |  Threaded View
jneuharth
50%
50%
jneuharth,
User Rank: Strategist
7/17/2014 | 1:31:18 PM
#4 The less said about security, the better.
I have to say that I agree with this so strongly.  We have all seen so many gimmick solutions around "helping the end user" be more secure.  Things like SiteKey, Trusteer Rapport, crazy requirements around password, etc.  

Yet... how many FI's opt for an Extended Validated certificate on their site and educate their customers to look so they know they are not being Phished? Why do we have to have multiple "security checks" to login to online banking to look at a balance, but we can't add an escalated level of authentication when they are doing something with more risk (transfering money)?

Just using some basic best practices with education would be so much better then the new shiny.  To educate we need to talk about it. 

- Jeremy Neuharth
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/10/2014 | 1:17:31 PM
5 Bank IT Security Myths
The 4th myth really stuck out to me. Banks can't keep saying "no comment" when it comes to cyber security. As the headlines pile up around data breaches, consumers will grow more and more protective of their information, suspicious of organizations that aren't forthcoming about their security practices. People will increasingly see "no comment" as equating with "we've got something to hide." And nobody wants to hear that when their money is at stake.
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/10/2014 | 9:54:48 AM
Re: CISO
Very true, it's a discussion that needs to start from the top.
Anne R Gabriel
50%
50%
Anne R Gabriel,
User Rank: Author
7/10/2014 | 9:53:26 AM
Re: CISO
I agree with Bryan, re: point 1 as everyone plays a role, and the value of the complete list. I'm also partial to point 4, as there's an old saying which suggests knowledge is power - if banks don't talk about security, it won't get addressed as fully as needs be.
Byurcan
100%
0%
Byurcan,
User Rank: Author
7/10/2014 | 9:43:31 AM
CISO
Point no 1 is a very good one. Security is not something anymore that can just be handled by one divisiona nd ignored by everyone else. It requires enterprise-wide commitment.


Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.