Security management strategies

Email Alerts

Register now to receive SearchFinancialSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • wipe

    Wipe, in a computing context, means to erase all data on a hard drive to render it unreadable. The term is often used in reference to making data stored on a computer, smartphone or tablet inaccessible before disposing of the device.

  • security awareness training

    Security awareness training is a formal process for educating employees about corporate policies and procedures for working with information technology (IT). Regular training is particularly necessary in organizations with high turnover rates and those that rely heavily on contract or temporary staff.

  • Internal compliance program for Massachusetts data protection law

    Having a holistic compliance program is crucial to successfully complying with data security and privacy regulations. In this video, Rick Gammell, director of enterprise information risk management at MassMutual Financial Group, describes how his company tackled compliance with the Massachusetts data protection law.

  • GRC for financial firms: Managing risk, vendors and change

    Learn about managing risks, vendors and change in the first part of a two-part interview with financial-services security expert Eric Holmquist.

  • GRC for financial firms: The latest threats

    In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.

  • Seven GRC best practices for information security

    Learn the seven most important practices to use when implementing governance, risk and compliance at your enterprise.

  • Shifting to a flexible information security framework

    Financial-services executives often view information security as locks and keys that impede business, which makes it hard for security to win funding. In this tip, Randall Gamby explains how adopting an information security framework built on the idea of information security as a business enabler will help bridge the gap between security professionals and business managers.

  • Zeus variant by-passing security, say researchers

    A variant of the data-stealing Zeus Trojan best known for targeting online banking uses a new technique to bypass security systems

  • four eyes principle

    The four eyes principle is a requirement that two individuals review and approve some action before it can be taken. In a business context, the two individuals are often the CEO and the CFO. However, the principle can be applied to decisions at all levels and in a wide variety of environments. The four eyes principle is sometimes called the two-man rule or the two-person rule.

  • Automated Clearing House fraud (ACH fraud)

    ACH fraud is the theft of funds through the Automated Clearing House financial transaction network. The ACH network acts as the central clearing facility for all Electronic Fund Transfer (EFT) transactions in the United States, representing a crucial link in the national banking system.

  • Tilon financial malware targets banks via MitB attack, Trusteer finds

    Tilon is related to the Silon malware detected in 2009. It uses a man-in-the-browser attack to capture form submissions and steal credentials.

  • Citadel malware toolkit going underground, says RSA

    The Citadel crimeware, a toolkit giving cybercriminals sophisticated financial malware, is being taken off the market by its authors, according to experts monitoring its activity.

  • Ramnit worm variant now dangerous banking malware

    The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.

  • OddJob Trojan: Different from other online security banking threats?

    What particular risks does the OddJob Trojan pose to the security of financial transactions over the Web? Expert Nick Lewis explains.

  • Malware and email authentication in financial services

    Malware and fighting phishing with email authentication are major security topics for financial services firms. In part two of this video, Paul Smocer discusses the threats and mitigation options.

  • GRC for financial firms: The latest threats

    In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.

  • The final frontier: bank check security

    In his latest blog post, David Schneier writes that the banking industry needs to take action to protect account numbers and other sensitive information printed on bank checks.

  • VIEW MORE ON : Threat prevention