Email Alerts
-
Download presentations from Financial Information Security Decisions 2010
Learn from the industry's leading information security experts who gathered to share proven security strategies. If you couldn't make it to New York City for the event, you can catch up here. Conference supplement
-
Download presentations from Financial Information Security Decisions 2009
Download a number of the compelling presentations from the 2009 Financial Information Security Decisions conference. Conference supplement
-
Financial Information Security Decisions 2008: Presentation downloads
Download a number of the fascinating presentations from the 2008 Financial Information Security Decisions conference. Conference supplement
-
More than hype: Security big data helps bank to boost security program
At RSA Conference 2012, Zions Bancorporation detailed how it harvested security big data using a Hadoop-based security data warehouse. News | 01 Mar 2012
-
Standardization key to Credit Suisse information security governance framework
The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework. Article | 17 Sep 2010
-
Online bank fraud lawsuits force banks to reassess security
Banks face security and reputational issues due to lawsuits filed by fraud victims, experts say. Article | 17 Aug 2010
-
Tools aim to help banks and others tackle insider fraud
Insider fraud is a complex problem in the financial industry. Here's a look at some of the technology available to help banks thwart it. Article | 25 Jul 2010
-
Aite Group: Take action now to manage remote deposit capture risks
Fraud losses involving RDC technology have the potential to skyrocket if banks don't work proactively to deal with the risks, research firm says. Article | 11 May 2010
-
Financial industry event will test response to cyber attacks
Banks, card processors and others are invited to participate in three-day exercise to test their response processes to various cyber attacks Article | 08 Jan 2010
-
New vendor risk assessment tools address cloud computing
Shared Assessments program unveils updated tools for assessing security of service providers, including cloud providers Article | 10 Nov 2009
-
Don't forget the cleaning crew in your vendor management program
Banks often overlook non-IT vendors in their vendor management program, putting their organization and customers' data at risk, experts say Article | 05 Oct 2009
-
Threat of insider fraud growing with bad economy
Actimize survey shows financial institutions see insider fraud threat growing as economic recession puts pressure on employees Article | 23 Sep 2009
-
Social engineering tests should make sense, not headlines
The recent social engineering exercise at a credit union that led the NCUA to issue a security alert to all its members serves as a lesson on how not to conduct such testing, writes David Schneier. News | 10 Sep 2009
- See more News on Risk assessment and management in financial institutions
-
Insider fraud detection and prevention
Financial institutions need to monitor and recognize changes in employee behavior in order to detect potential insider fraud. Tip
-
Holistic fraud reduction through customer security management
Monitoring customer behavior across multiple channels would help banks fight fraud, but today's fraud detection technology isn't there yet. In this tip, financial services expert Jerry Silva explains how banks could benefit from the concept of "custo... Tip
-
Building an unstructured data protection program
Learn how to develop a holistic approach to managing the risks associated with unstructured data. Tip
-
Seven considerations when evaluating automated GRC tools
Automated tools can help ease the compliance burden, but financial services firms must first weigh their needs. In this tip, David Strom looks at the top considerations when looking into buying a GRC tool. Tip
-
New FFIEC exam procedures for remote deposit capture risks
Learn how to prepare for new exam procedures on managing remote deposit capture risks that are included in the updated FFIEC IT examination handbook for retail payment systems. Tip
-
How to detect malicious insiders by monitoring antivirus log files
Antivirus logs can be a low-cost, low-effort approach for resource-strapped companies to look for threats posed by malicious insiders. Tip
-
Shifting to a flexible information security framework
Financial-services executives often view information security as locks and keys that impede business, which makes it hard for security to win funding. In this tip, Randall Gamby explains how adopting an information security framework built on the id... Tip
-
Get more out of your security event log data
Your network has plenty to say about your organization's threat posture. These three tips will help you get the most out of security log management tools. Tip
-
Social media: Risk management strategies for financial institutions
Social media sites like Facebook and Twitter present financial institutions with reputational, liability and information security risks, making it critical that they adopt a comprehensive social media strategy. In this tip, Andrew M. Baer examines th... Tip
-
Red Flag Rules compliance demands a risk-based approach
Financial-services firms face significant risk if they cannot demonstrate compliance with the federal Red Flag Rules, which require organizations to implement a program that effectively detects, prevents and mitigates identity theft risk. In this tip... Tip
- See more Tips on Risk assessment and management in financial institutions
-
What's it all about?
Isn't it really all about accounting for your assets, placing a value on each, (assessing the impact to your business if a breach occurs), calculating the risk, (threats, vulnerabilities and likelihood of occurrence), and then implementing security c... Ask the Expert
-
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the Automated Clearing House financial transaction network. The ACH network acts as the central clearing facility for all Electronic Fund Transfer (EFT) transactions in the United States, representing a crucial... Definition
-
PayPal CISO: Laws must foster better cybersecurity information sharing
PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security. Video
-
Social media and cloud computing for financial services
Paul Smocer of BITS discusses the use of social media and cloud computing by financial services firms, including the inherent risks, and what you can do to mitigate them Video
-
GRC for financial firms: Managing risk, vendors and change
Learn about managing risks, vendors and change in the first part of a two-part interview with financial-services security expert Eric Holmquist. Video
-
Marcus Ranum on cyberwarfare, infosec careers
At 2009's Information Security Decisions conference, security expert Marcus Ranum sat down to answer some of readers' security questions. Video
-
Podcast: Detecting and investigating insider fraud
Insider fraud is a continuing battle for financial institutions but the economic recession has increased the risk. In this 17-minute podcast, Brenda Buetow, a certified fraud examiner and senior manager of forensic services at Crowe Horwath, describe... Podcasts
-
Industry reaction to FFIEC remote deposit capture guidance positive so far, says FDIC official
The FFIEC in January released guidance for managing risks associated with remote deposit capture systems. In this podcast, which is about 8 minutes long, Michael Jackson of the FDIC talks about the industry's reaction to the guidance and his sense of... Podcast
-
Security on the street with SearchFinancialSecurity.com: Risk management
Societe Generale, Black Monday and bank failures are just a few of the reasons that the financial industry is in turmoil. Editor Sarah Hurley recently spoke with Chris McClean, an analyst at Forrester Research, to discuss the state of risk management... Podcast
-
The Societe Generale fraud story: Keith White on fraud
In this interview video with Keith White, Vice President of Information Security Risk at Credit Suisse Group, he explains what happened in the fraud case at Societe Generale Corporate and Investment Banking, and what controls should be put in place t... Video
-
PayPal CISO: Laws must foster better cybersecurity information sharing
PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security. Video
-
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the Automated Clearing House financial transaction network. The ACH network acts as the central clearing facility for all Electronic Fund Transfer (EFT) transactions in the United States, representing a crucial... Definition
-
More than hype: Security big data helps bank to boost security program
At RSA Conference 2012, Zions Bancorporation detailed how it harvested security big data using a Hadoop-based security data warehouse. News
-
Insider fraud detection and prevention
Financial institutions need to monitor and recognize changes in employee behavior in order to detect potential insider fraud. Tip
-
Holistic fraud reduction through customer security management
Monitoring customer behavior across multiple channels would help banks fight fraud, but today's fraud detection technology isn't there yet. In this tip, financial services expert Jerry Silva explains how banks could benefit from the concept of "custo... Tip
-
Building an unstructured data protection program
Learn how to develop a holistic approach to managing the risks associated with unstructured data. Tip
-
Standardization key to Credit Suisse information security governance framework
The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework. Article
-
Online bank fraud lawsuits force banks to reassess security
Banks face security and reputational issues due to lawsuits filed by fraud victims, experts say. Article
-
Tools aim to help banks and others tackle insider fraud
Insider fraud is a complex problem in the financial industry. Here's a look at some of the technology available to help banks thwart it. Article
-
Seven considerations when evaluating automated GRC tools
Automated tools can help ease the compliance burden, but financial services firms must first weigh their needs. In this tip, David Strom looks at the top considerations when looking into buying a GRC tool. Tip
- See more All on Risk assessment and management in financial institutions
About Risk assessment and management in financial institutions
In financial services, risk management is not solely an IT process. Whether you're a part of the IT staff, GRC team or the risk management office, learn about risk assessment and management and how to define, articulate and explain financial and business risks to data and intellectual property.