-
Download presentations from Financial Information Security Decisions 2009
Download a number of the compelling presentations from the 2009 Financial Information Security Decisions conference. Conference supplement
-
Preventing data leaks
Take this five-question quiz to evaluate your knowledge of the material presented by expert Pete Lindstrom in this Preventing Data Leaks lesson. Quiz
-
Ex-Goldman Sachs programmer gets eight years in prison for code theft
Former computer programmer snatched code for the firm’s proprietary trading platform on last day of work. News | 18 Mar 2011
-
Midmarket financial firms grapple with internal, external security threats
In the wake of the global economic crisis, many financial firms are struggling to meet tough regulations while defending against both accidental data leakage and a constant barrage of external attacks. Article | 13 Oct 2010
-
Authorities indict more than 60 for role in Zeus banking Trojan scheme
Foreigners in the United States on student visas were lured into opening bank accounts to funnel stolen money overseas. Article | 30 Sep 2010
-
Estonian accused of RBS WorldPay hack extradited to U.S.
Suspect allegedly part of hacking ring that masterminded sophisticated attack against payment processor. Article | 06 Aug 2010
-
Slovenian man charged with creating Mariposa botnet
Suspect allegedly developed and sold the malware behind massive botnet that was used to steal bank account information. Article | 28 Jul 2010
-
Tools aim to help banks and others tackle insider fraud
Insider fraud is a complex problem in the financial industry. Here's a look at some of the technology available to help banks thwart it. Article | 25 Jul 2010
-
Former bank technician pleads guilty in identity-theft scheme
Prosecutors say ex-contractor stole data from 2,000 bank employees and siphoned $1.1 million from nonprofits. Article | 06 Jul 2010
-
Lessons learned: Societe Generale and alleged theft of trade secrets
The recent arrest of a former trader suspected of stealing computer code underscores the need for strong access controls and monitoring. Article | 04 May 2010
-
How security aware is your organization?
Financial institutions should conduct social engineering exercises to test the security awareness of their employees, writes David Schneier. News | 05 Feb 2010
-
Lawyers claim Heartland-Visa settlement isn't enough
Proposed $60 million settlement for Visa card issuers offers little breach compensation and releases Heartland's acquiring banks from liability, attorneys argue Article | 21 Jan 2010
- See More: News on Data breaches and prevention strategies
-
Data breach protection: Implementing vendor breach safeguards
A vendor breach can be extremely costly to a financial institution. Financial firms must include data breach protections in their vendor contracts, including data breach notification and reporting. Tip
-
How to use data loss prevention tools to stop data exfiltration
Data loss prevention tools are usually considered as a defensive tactic against insider risks, but they can also help protect secure data against external attacks. In this tip, Rich Mogull explains how properly configuring and positioning your DLP pr... Tip
-
How to make information security a company-wide effort
For an information security program to be successful, it must include everyone in the company, not just the security group. In this tip, Eric Holmquist outlines steps financial firms should take to ensure they have an army of people working on their ... Tip
-
Lessons learned: The LendingTree case
Financial organizations cannot ignore the risk to their reputation when securing data. LendingTree recently suffered a breach at the hands of former employees and is now battling for their reputation in the court of public opinion. Learn what went wr... Tip
-
Lessons learned: The Countrywide Financial breach
The data breach at Countrywide Financial Corp. seems like something out of a TV crime drama: Two men regularly copied customer data and secretly sold it as leads to other mortgage brokers. The tale suggests that data theft is, more often than not, an... Tip
-
Lessons learned: The Texas Insurance Claims Services case
In this tip, we explore the Texas Insurance Claims Services data disposal case and what the current requirements for data disposal at financial firms are. Tip
-
Lessons learned: The Montgomery Ward breach
When Montgomery Ward suffered a breach, it took them six months before they began to alert customers. How did this happen and what can be done so it doesn't happen at your financial organization? Tip
-
Lessons learned: The Citibank ATM breach
Learn what went wrong with the Citibank ATM breach and how your financial organization can protect itself from the same danger. Tip
-
Partner data privacy: Issuing stricter guidelines
When working with third parties, data privacy is paramount. In this tip, Dick Mackey explains how financial firms are facing pressure from partners about data privacy and what they can do about it. Tip
-
How to lay the foundation for role entitlement management
Role entitlement management is a daunting task, however, there are steps you can take to lay the foundation for a successful management process. In this tip, expert Rick Lawhorn details these seven steps. Tip
- See More: Tips on Data breaches and prevention strategies
-
Governance, Risk and Compliance (GRC)
Governance, Risk and Compliance (GRC) is a combined area of focus within an organization that developed because of interdependencies between the three components. Word
-
Podcast: Detecting and investigating insider fraud
Insider fraud is a continuing battle for financial institutions but the economic recession has increased the risk. In this 17-minute podcast, Brenda Buetow, a certified fraud examiner and senior manager of forensic services at Crowe Horwath, describe... Podcasts
-
Data governance and classification
Protecting data begins with well executed asset inventory and continues by constantly keeping tabs on where sensitive information is. Mark Weatherford, executive officer and chief information security officer of California's Office of Information Sec... Video
-
Data encryption: Lessons learned from implementation
Implemention encryption can be a tricky process, so these tips from chief security architect for Allstate Insurance Co., Eric Leighninger, can help make your implementation much smoother. Video
-
Data encryption: Q&A with Eric Leighninger
Eric Leighninger, the chief security architect for Allstate Insurance Co. answers audience members' questions on topics like data classification, Department of Defense standards and post-implementation patch updates, following his presentation on ent... Video
-
PCI DSS: Best practices for compliance
In this video, learn about the greatest challenges to PCI compliance, as well as dealing with application security for compliance, encryption and compensating controls. Video
-
The Societe Generale fraud story: Keith White on fraud
In this interview video with Keith White, Vice President of Information Security Risk at Credit Suisse Group, he explains what happened in the fraud case at Societe Generale Corporate and Investment Banking, and what controls should be put in place t... Video
-
Ex-Goldman Sachs programmer gets eight years in prison for code theft
Former computer programmer snatched code for the firm’s proprietary trading platform on last day of work. News
-
Midmarket financial firms grapple with internal, external security threats
In the wake of the global economic crisis, many financial firms are struggling to meet tough regulations while defending against both accidental data leakage and a constant barrage of external attacks. Article
-
Authorities indict more than 60 for role in Zeus banking Trojan scheme
Foreigners in the United States on student visas were lured into opening bank accounts to funnel stolen money overseas. Article
-
Estonian accused of RBS WorldPay hack extradited to U.S.
Suspect allegedly part of hacking ring that masterminded sophisticated attack against payment processor. Article
-
Slovenian man charged with creating Mariposa botnet
Suspect allegedly developed and sold the malware behind massive botnet that was used to steal bank account information. Article
-
Tools aim to help banks and others tackle insider fraud
Insider fraud is a complex problem in the financial industry. Here's a look at some of the technology available to help banks thwart it. Article
-
Former bank technician pleads guilty in identity-theft scheme
Prosecutors say ex-contractor stole data from 2,000 bank employees and siphoned $1.1 million from nonprofits. Article
-
Lessons learned: Societe Generale and alleged theft of trade secrets
The recent arrest of a former trader suspected of stealing computer code underscores the need for strong access controls and monitoring. Article
-
How security aware is your organization?
Financial institutions should conduct social engineering exercises to test the security awareness of their employees, writes David Schneier. News
-
Lawyers claim Heartland-Visa settlement isn't enough
Proposed $60 million settlement for Visa card issuers offers little breach compensation and releases Heartland's acquiring banks from liability, attorneys argue Article
- See More: All on Data breaches and prevention strategies
About Data breaches and prevention strategies
A data breach can cripple a company. What are the best prevention, response and cost containment strategies? Learn about the latest data breaches and discover prevention strategies to protect your organization from breaches and data loss via stolen laptops, USB thumbdrives and more.