FS-ISAC

JULY 27, 2023

Jerry Perullo draws on more than two decades of experience, including as CISO at Intercontinental Exchange/New York Stock Exchange (ICE/NYSE), and recently as interim CISO at Silicon Valley Bank, to explain his framework for presenting cybersecurity risks and solutions to the Board. Yet, cybersecurity isn’t on the list.

Cybersecurity 52

Cybersecurity Vulnerability Banking Risk Management 52

Online Computers

NOVEMBER 27, 2023

Human vulnerability can easily be exploited by criminals. The number one phishing target: Financial institutions Not surprisingly, financial institutions such as banks, payment systems, online stores, and eCommerce are the most popular targets of phishing scams. Phishing is quite effective.

eCommerce 52

eCommerce Vulnerability Cybersecurity Logistics 52

Pure Storage

MARCH 25, 2024

Specifically, these have come from the Cybersecurity & Infrastructure Security Agency (CISA), Federal Financial Institutions Examination Council (FFIEC), and the National Cybersecurity Strategy (NCS) from the White House. CISA’s focus is on voluntary collaboration across all “critical infrastructures” in the U.S.

Financial Services 59

Financial Services Resilience Banking Risk Management 59

Online Computers

NOVEMBER 30, 2023

To help prevent identity theft, follow these strategies: Create strong and unique passwords Passwords are typically used to protect email, banking, and social media accounts. Be cautious about sharing sensitive information online, such as your bank account and Social Security number. Drop us a line to learn more.

Banking 52

Banking Malware Alert Internet 52

FS-ISAC

NOVEMBER 8, 2021

Insights spoke with BBVA CISO Alvaro Garrido to discuss how he sees cybersecurity evolving over the next several years. BBVA was the first bank in Europe to launch a crypto custody service. How can a bank decide whether to build crypto custody services or partner with third-party providers? However, it is not a silver bullet.

Security 52

Security Banking Cybersecurity Marketing 52

FS-ISAC

JUNE 30, 2022

More than six months since Log4j made the headlines, the threat of zero-day exploits, or previously unknown vulnerabilities, looms large over the heads of business leaders and cybersecurity teams. For one, not everyone has the resources to quickly address vulnerabilities. Unfortunately, zero-days are inevitable.

Vulnerability 52

Vulnerability Cybersecurity Financial Services Malware 52

FS-ISAC

MAY 9, 2023

Episode Notes Tabletop exercises are a crucial component for enhancing threat and vulnerability management plans in fintech. Paige Johnson, Executive Director and Head of Americas Firmwide Simulation Utility at JP Morgan Bank, discusses the origin and development of these exercises.

Banking 52

Banking Vulnerability Management Cybersecurity 52

Security Industry Association

NOVEMBER 24, 2023

banking customers who can open their bank accounts using a selfie. We envision a world where individuals are recognized not by cumbersome passwords or vulnerable keys, nor physical credentials, but privately, securely and voluntarily for who they truly are. One of the most promising areas of opportunity lies in biometrics.

Authentication 52

Authentication Banking Telecommunications Cybersecurity 52

Online Computers

OCTOBER 8, 2021

According to Akamai Security, credential stuffers readily swiped not just bank details and personal data, but even rewards from retail and loyalty programs, such as gas cards, hotel stays, and airline miles. Credential stuffing is a threat to businesses because exploited user accounts may be used to explore your network’s vulnerabilities.

Banking 52

Banking Airlines Authentication Retail 52

Online Computers

MAY 10, 2022

A crime of opportunity happens in an instant, and that criminal can walk away with a sheet of credit card numbers or bank statements. Once an MSP has audited your network, they can find where you are most vulnerable and take the necessary measures to prevent unauthorized use of computers and wireless internet. Vindictive Employees.

Cybersecurity 52

Cybersecurity Audit Banking Internet 52

Fusion Risk Management

JANUARY 24, 2023

and the EU operate with dedicated teams who work with the organization and local regulators to address the requirements that have been established by the Bank of England (BoE), Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and other EU-based authorities. Generally, global firms with a heavy presence in the U.K.

Resilience 52

Resilience Financial Services All-Hazards Disaster Recovery 52

FS-ISAC

SEPTEMBER 8, 2021

While cybercrime has been around for decades, the 2016 cyber heist against Bangladesh Bank was a watershed moment for financial authorities around the world. In its aftermath, many financial regulators ramped up their focus on cybersecurity, delving far deeper into firms’ cyber readiness and maturity than they had previously.

Authorization 52

Authorization Banking Benchmark Cybersecurity 52

Pure Storage

AUGUST 3, 2023

Threat modeling is the process of identifying potential threats and vulnerabilities in a system and determining the likelihood and impact of each threat. Assets that are vulnerable to spoofing include usernames, passwords, and digital certificates. What Is Threat Modeling? This can be a serious threat to confidentiality and privacy.

Authentication 87

Authentication Vulnerability Authorization Audit 87

FS-ISAC

MAY 25, 2021

Banks around the world are used to quantifying financial risks such as market, credit, and liquidity risks. But in a digital finance world that is quickly advancing into uncharted territory, non-financial risks – operational risk, fraud prevention, IT risk, and cybersecurity – are increasingly critical to the business.

Banking 52

Banking Cybersecurity Mitigation Risk Management 52

FS-ISAC

JUNE 30, 2022

To minimize disruption from third-party attacks, zero-day vulnerabilities, ransomware, and nation-state threats, regulators around the world are implementing landmark incident reporting standards. Several trade associations – including Bank Policy Institute, U.S. The age of speedy incident reporting regulation is here.

Response Plan 52

Response Plan All-Hazards Mitigation Cybersecurity 52

Assurance IT

MAY 25, 2021

The company called in third-party cybersecurity authorities. There was a point in time when you had to hold up a bank to steal money. If they find a vulnerability in your network, they will attack, no matter what industry you’re in. Reports are claiming that the DarkSide ransomware group is responsible for the attack.

Disaster Recovery 52

Disaster Recovery Transportation Cybersecurity Authorization 52

Solutions Review

SEPTEMBER 14, 2021

TITLE: Risk Management for Cybersecurity and IT Managers. Dion guides his students through the foundations of risk management, particularly with regard to cybersecurity and information technology. The Best Risk Management Courses on Udemy. None of these things have anything to do with proper risk management. GO TO TRAINING.

Risk Management 98

Risk Management Management Government Vulnerability 98

FS-ISAC

MAY 25, 2021

As part of our Latin America focus for this edition of FS-ISAC Insights, we spoke with Homero Valiatti, Superintendent of Information Security at Itaú, Brazil's largest bank and the largest financial institution in the southern hemisphere. This article is also available in Portuguese and Spanish.

Cybersecurity 52

Cybersecurity Malware Risk Management Security 52

FS-ISAC

MARCH 2, 2022

For cybersecurity professionals, the rise of quantum computing will require a new vision of security that maximizes the advantages and minimizes the risks inherent in the adoption of quantum technology. Quantum sensing could also be used for internet of things (IoT), mobile banking, and more. One prime use case for this is warfare.

Financial Services 98

Financial Services Technology Internet Fashion 98

Fusion Risk Management

FEBRUARY 7, 2023

The Impacts of Globalisation on the Scope of Crises So, whilst it is evident that the ‘stick’ of regulations is very much needed and has been incredibly valuable over the past couple of years in revealing vulnerabilities and helping guide investment strategies, the challenge of complying with all regulators’ requirements remains.

Financial Services 52

Financial Services Resilience Crisis Management Vulnerability 52

LogisManager

MAY 20, 2021

For example, a forensic finding made during an evaluation of Colonial Pipeline noted numerous known and preventable vulnerabilities, such as unpatched and outdated systems, that likely led to the security breach. About the Author: Steven Minksy.

Risk Management 64

Risk Management Management Authentication Hospitality 64

Fusion Risk Management

MAY 12, 2022

Over the past year and more, we saw financial firms implementing operational resilience programs to comply with the Bank of England, PRA, and FCA regulations. This degree of scenario testing helps to highlight further vulnerabilities. Pinpointing the Moment of Impact. Decision-making assumptions are where we could fail.”.

Failover 52

Failover Resilience Crisis Management Mitigation 52

BMC

DECEMBER 15, 2022

Part of ensuring a secure environment across a business and for everyone the business touches means putting secure practices around governance, and implementing real-time, ongoing vulnerability detection solutions. In fact, one of the tenets of that forward-looking business framework is Adaptive Cybersecurity.

Government 52

Government Transportation Security Banking 52

Assurance IT

JUNE 17, 2021

The Co-founder of Assurance IT, Luigi Tiano and the Senior System Engineer from Veeam , Brandon McCoy got together for an interview about cybersecurity and protection. Right now, of course, you see the big ones like the healthcare industries, banking, government, finance, you know, those are the big targets. Everyone is at risk.

Backup 52

Backup Business Continuity Education Disaster Recovery 52

Online Computers

OCTOBER 29, 2023

With the state taking cybersecurity more seriously, every business owner across the state should do the same. Whether you’re a small- or medium-sized business (SMB) or a large corporation, you need to be savvy about cybersecurity. Here are some of the key things you need to know about cybersecurity in 2023.

Malware 52

Malware Security Cybersecurity Vulnerability 52

LogisManager

MAY 22, 2023

From economic fluctuations to cybersecurity threats, from regulatory changes to environmental hazards, the risk landscape is constantly evolving, and organizations must be agile and proactive to stay ahead. In the first case, a bank faced a safety and soundness review during the recession.

Risk Management 52

Risk Management Evaluation Banking Benchmark 52

LogisManager

MAY 22, 2023

From economic fluctuations to cybersecurity threats, from regulatory changes to environmental hazards, the risk landscape is constantly evolving, and organizations must be agile and proactive to stay ahead. In the first case, a bank faced a safety and soundness review during the recession.

Risk Management 52

Risk Management Evaluation Banking Benchmark 52

Reciprocity

AUGUST 15, 2022

But as more companies use technology across all parts of the enterprise and more compliance requirements focus on cybersecurity, IT security is becoming an increasingly central part of the CMS. In June 2020, the OCC warned banks about compliance risks related to the COVID-19 pandemic. So how does a modern CMS program operate?

Management 52

Management Audit Banking Risk Management 52

Fusion Risk Management

MARCH 1, 2022

The Bank of England, as part of their operational resilience policy statement , continually outlined the need for institutions to ensure that they can continue to deliver their important business services during severe (or extreme) but plausible scenarios.

Manufacturing 52

Manufacturing Logistics Vulnerability Transportation 52

Solutions Review

MARCH 31, 2023

Backups are an essential component of several functions in the NIST Cybersecurity Framework. Specifically, backups relate to the Recover function, which involves restoring any services that were compromised in a cybersecurity incident. However, backups fail to provide protection from data theft with no chance of recovery.

Backup 119

Backup Disaster Recovery Application Security 119

Online Computers

AUGUST 17, 2022

This may include your social security number, address, phone number, banking information, and a lot more. Unless you use a top-of-the-line service, your data will be vulnerable as weaker services make prime targets for hackers. Who’s Bears the Responsibility?

Security 52

Security Healthcare Hospitality Banking 52

Solutions Review

JANUARY 25, 2024

We’ve seen US states such as California passing their own privacy laws and drafting detailed regulations on cybersecurity audits, risk assessments, and automated decision making privacy by design in practice a must-do to be able to effectively respond to the demands of augmented privacy regulatory frameworks. Upholding good cyber hygiene.

Authentication 142

Authentication Security Cybersecurity Government 142

Solutions Review

FEBRUARY 1, 2024

We’ve seen US states such as California passing their own privacy laws and drafting detailed regulations on cybersecurity audits, risk assessments, and automated decision making privacy by design in practice a must-do to be able to effectively respond to the demands of augmented privacy regulatory frameworks. Upholding good cyber hygiene.

Healthcare 59

Healthcare Security Cybersecurity Government 59

Solutions Review

JANUARY 28, 2024

We’ve seen US states such as California passing their own privacy laws and drafting detailed regulations on cybersecurity audits, risk assessments, and automated decision making privacy by design in practice a must-do to be able to effectively respond to the demands of augmented privacy regulatory frameworks. Upholding good cyber hygiene.

Healthcare 52

Healthcare Security Cybersecurity Government 52

Security Industry Association

OCTOBER 23, 2023

October is Cybersecurity Awareness Month , and the Security Industry Association (SIA) Cybersecurity Advisory Board is marking the occasion with a series of helpful content, tips and guidance on key cybersecurity topics. i-PRO Americas’ Will Knehr shares tips for securing industrial Internet of Things devices.

Vulnerability 105

Vulnerability Internet Cybersecurity Banking 105

Pure Storage

FEBRUARY 16, 2024

Building access systems have already been in the sightlines of hackers, and security professionals have already pointed out serious vulnerabilities in smart building control systems that hackers could exploit. “Connected” or “smart” buildings could be new targets. No industry can get lazy about the potential for attacks– they’re all at risk.

Security 128

Security Insurance Insurance Government 128