- Data governance best practices
- IT disaster recovery planning and management
- Risk assessment and management
- Threat prevention
- Risk management frameworks, metrics and strategy
Email Alerts
-
wipe
Wipe, in a computing context, means to erase all data on a hard drive to render it unreadable. The term is often used in reference to making data stored on a computer, smartphone or tablet inaccessible before disposing of the device.Definition
-
Internal compliance program for Massachusetts data protection law
Having a holistic compliance program is crucial to successfully complying with data security and privacy regulations. In this video, Rick Gammell, director of enterprise information risk management at MassMutual Financial Group, describes how his company tackled compliance with the Massachusetts data protection law.Video
-
GRC for financial firms: Managing risk, vendors and change
Learn about managing risks, vendors and change in the first part of a two-part interview with financial-services security expert Eric Holmquist.Video
-
GRC for financial firms: The latest threats
In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.Video
-
Seven GRC best practices for information security
Learn the seven most important practices to use when implementing governance, risk and compliance at your enterprise.Video
-
Shifting to a flexible information security framework
Financial-services executives often view information security as locks and keys that impede business, which makes it hard for security to win funding. In this tip, Randall Gamby explains how adopting an information security framework built on the idea of information security as a business enabler will help bridge the gap between security professionals and business managers.Tip
-
Disaster recovery security considerations for financial services
Financial firms need to include security in their disaster recovery planning. In this tip, Randall Gamby discusses how enterprises can ensure information remains secure during a business disruption.Tip
-
GRC for financial firms: The latest threats
In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.Video
-
How to examine a DD image on Windows or Linux
A slew of open source and commercial tools will help you examine a DD image on either Windows or Linux.Tip
-
Security benefits of virtual desktop infrastructures
In a highly regulated industry where security is critical, financial-services firms are turning to virtual desktop infrastructures. In this tip, Eric Ogren explains the security benefits of virtualized desktops and virtual workspace projects, including malware-resistant software configurations and enhanced data loss prevention.Tip
-
H1N1 planning for your organization: An essential guide
There are some things that every company should do as part of their H1N1 planning. Discover how to prepare for a possible swine flu outbreak so your business can continue to operate smoothly and securely by downloading this exclusive eBook now.E-Guide
-
Five mistakes banks make in pandemic planning
Experts cite five areas where financial institutions could improve their planning for a potential H1N1 outbreakArticle | 13 Oct 2009
-
How to create a bit-image copy of a live server
Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to simplify this process.Tip
-
Swine flu puts spotlight on pandemic planning
Financial-services firms are monitoring the swine flu outbreak and readying pandemic plans.Article | 01 May 2009
-
Swine flu reveals pandemic planning shortcomings
The swine flu highlights flaws in organizations' pandemic plans. Compliance expert David Scheier describes how three clients have no idea if their pandemic plans will work.News | 29 Apr 2009
-
Swine flu: Pandemic planning wake-up call
It's unclear how big a threat the swine flu represents, but it serves as a reminder of how critical pandemic planning is, David Schneier says.News | 27 Apr 2009
- VIEW MORE ON : IT disaster recovery planning and management
-
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the Automated Clearing House financial transaction network. The ACH network acts as the central clearing facility for all Electronic Fund Transfer (EFT) transactions in the United States, representing a crucial link in the national banking system.Definition
-
More than hype: Security big data helps bank to boost security program
At RSA Conference 2012, Zions Bancorporation detailed how it harvested security big data using a Hadoop-based security data warehouse.News | 01 Mar 2012
-
Insider fraud detection and prevention
Financial institutions need to monitor and recognize changes in employee behavior in order to detect potential insider fraud.Tip
-
Holistic fraud reduction through customer security management
Monitoring customer behavior across multiple channels would help banks fight fraud, but today's fraud detection technology isn't there yet. In this tip, financial services expert Jerry Silva explains how banks could benefit from the concept of "customer security management."Tip
-
Building an unstructured data protection program
Learn how to develop a holistic approach to managing the risks associated with unstructured data.Tip
-
Standardization key to Credit Suisse information security governance framework
The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework.Article | 17 Sep 2010
-
Online bank fraud lawsuits force banks to reassess security
Banks face security and reputational issues due to lawsuits filed by fraud victims, experts say.Article | 17 Aug 2010
-
Tools aim to help banks and others tackle insider fraud
Insider fraud is a complex problem in the financial industry. Here's a look at some of the technology available to help banks thwart it.Article | 25 Jul 2010
-
Seven considerations when evaluating automated GRC tools
Automated tools can help ease the compliance burden, but financial services firms must first weigh their needs. In this tip, David Strom looks at the top considerations when looking into buying a GRC tool.Tip
-
Download presentations from Financial Information Security Decisions 2010
Learn from the industry's leading information security experts who gathered to share proven security strategies. If you couldn't make it to New York City for the event, you can catch up here.Conference supplement
- VIEW MORE ON : Risk assessment and management
-
four eyes principle
The four eyes principle is a requirement that two individuals review and approve some action before it can be taken. In a business context, the two individuals are often the CEO and the CFO. However, the principle can be applied to decisions at all levels and in a wide variety of environments. The four eyes principle is sometimes called the two-man rule or the two-person rule.Definition
-
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the Automated Clearing House financial transaction network. The ACH network acts as the central clearing facility for all Electronic Fund Transfer (EFT) transactions in the United States, representing a crucial link in the national banking system.Definition
-
Tilon financial malware targets banks via MitB attack, Trusteer finds
Tilon is related to the Silon malware detected in 2009. It uses a man-in-the-browser attack to capture form submissions and steal credentials.News | 09 Aug 2012
-
Citadel malware toolkit going underground, says RSA
The Citadel crimeware, a toolkit giving cybercriminals sophisticated financial malware, is being taken off the market by its authors, according to experts monitoring its activity.News | 03 Jul 2012
-
Ramnit worm variant now dangerous banking malware
The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.News | 25 Aug 2011
-
OddJob Trojan: Different from other online security banking threats?
What particular risks does the OddJob Trojan pose to the security of financial transactions over the Web? Expert Nick Lewis explains.Answer
-
Malware and email authentication in financial services
Malware and fighting phishing with email authentication are major security topics for financial services firms. In part two of this video, Paul Smocer discusses the threats and mitigation options.Video
-
GRC for financial firms: The latest threats
In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.Video
-
The final frontier: bank check security
In his latest blog post, David Schneier writes that the banking industry needs to take action to protect account numbers and other sensitive information printed on bank checks.News | 01 Dec 2009
-
Threat of insider fraud growing with bad economy
Actimize survey shows financial institutions see insider fraud threat growing as economic recession puts pressure on employeesArticle | 23 Sep 2009
- VIEW MORE ON : Threat prevention
-
Citigroup breach: It’s about Web security
Jeremiah Grossman explains that the Citigroup breach was the result of a simple business logic flaw which should have been caught in the code review process.News | 27 Jun 2011
-
Enterprise security intelligence and analysis
Is your enterprise security intelligence and analysis fully optimized? Expert Nick Selby discusses threat intelligence and talks about some best practices.Video