Accounting

Ffc4103a877b409fd8d6da8f854f617e

Key Risk Management Issues For 2016

January 13, 2016 Added by:InfosecIsland News

Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year. Effective risk management and mitigation will be critical, since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.

Comments  (0)

B8645aab12b6ba5e561fccefbf46cc0c

Challenges and Solutions of Threat and Vulnerability Sharing in 2015

June 29, 2015 Added by:Shawn Masters

Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

SOX Compliance and Evolution to GRC - Chicago

September 23, 2011 Added by:Infosec Island Admin

The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Data Integrity: The Intersection of Infosec and SOX

September 13, 2010 Added by:Infosec Island Admin

SOX compliance best practice requires a new level of cooperation between IT, legal, executives and risk management staff. Developing effective enterprise policies is a dynamic process that requires ongoing review and improvement efforts...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Mobile Banking Application Development

June 22, 2010 Added by:Brent Huston

Lately, we have been looking at a lot of banking apps and front ends for the iPhone, Android and other mobile devices in the lab. Our testing thus far has shown some great results and it seems like a lot of banks, credit unions and other financial institutions are interested in having an “app” for their customers and members.

Comments  (0)

F8f122d50eba11c3af5607575b277bc6

Reducing the Cost of Compliance

June 22, 2010 Added by:Bryan Miller

The American Heritage dictionary defines compliance as "The act of complying with a wish, request, or demand; acquiescence". When you think of complying with something, do you normally consider it a wish? So, would paying my taxes indicate I'm complying with the Federal government's wish that I pay my taxes, or is it a demand?

Comments  (0)

17d45ef135b1630c421896f331160484

Banking's BIG Dilemma: How to Stop Cyberheists

June 18, 2010 Added by:John Frank

In online banking and payments, customers' PCs have become the Achilles' heel of the financial industry as cyber-crooks remotely take control of the computers to make unauthorized funds transfers, often to faraway places. The dilemma for banks boils down to this: How far can they go to help protect customer desktops that function like part of their shared network but aren't owned by the bank?

Comments  (1)

B32b392ce3a707f05f4838c48c67d9cf

Good enough security?

October 29, 2009 Added by:Christopher Hudel

We have had 802.1x -- CISCO + Active Directory Integration --  in place for over a year know and it is largely a success; windows systems automatically obtain machine certificates (machines automatically receive certificates when they join the domain), supplicants exist for our IP Phones, and those devices (i.e.: printers)  that are currently incapable of 802.1x are split off in a tightl...

Comments  (2)

B038fefd7a19c26505d1f0671609d8ce

IT Security - Defense in Depth Protection using a Data-centric Model

October 29, 2009 Added by:Mike Cuppett

Start aligning your security strategy to better protect your organization's most critical asset - data. While many security proponents lean toward an outside-in strategy - protect every computer in the company from the outside world first - we really need to understand that the data is the asset that must be protected first and foremost.  The outside-in strategy starts at a macro level and ov...

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

Where are the DBAs?

October 07, 2009 Added by:Infosec Island Admin

What I really want to know is this: Where are the Database Admins (DBAs) these days? I cant tell you how many times in the past 18 months that I’ve found real enterprises running vulnerable databases with default passwords, weak passwords and no real permissions management.

Comments  (3)

7fef78c47060974e0b8392e305f0daf0

PCI Auditor Being Sued for Certifiying CardSystems as Compliant

July 13, 2009 Added by:Infosec Island Admin

Savvis is being dragged into court to defend their PCI DDS certification of CardSystems in 2004, which was subsequently responsible for losing a quarter of a million credit card numbers. This is the first of potentially many legal actions against PCI auditors that certified organizations as compliant, when they were subsequently breached and responsible for the loss of consumer cred...

Comments  (2)