Financial Services
ATM Security (And Really Learning from the Past)
May 14, 2013 Added by:Andy Willingham
There are lots of other things that go into ATM security that can have a big impact on ensuring that it is as secure as possible.
Comments (1)
We Hope SOC 2 Fails...
June 11, 2012
SOC 2 has the potential to unify the risk assurance industry by consolidating multiple audits, standards, and compliance requirements under one umbrella engagement. However, if the market is allowed to define anything as internal controls over financial reporting (ICFR), SOC 2 is destined to fail...
Comments (0)
Financial Organizations Struggle with Out of Band Authentication
May 09, 2012 Added by:Brent Huston
Financial organizations have been working on implementing out of band authentication (OOBA) mechanisms for specific kinds of money transfers such as ACH and wires. While this authentication method does add some security to the process, it does not come without its challenges...
Comments (1)
SOC 2: The Customer Security Questionnaire Killer
May 07, 2012 Added by:Jon Long
User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...
Comments (0)
Assurance : Don't Worry, I've Got This...
April 06, 2012 Added by:Jon Long
There is nothing that changes faster than technology, and if you are not ahead of it, you are ancient history. Within the category of technology, security is at the forefront of rapid change, and there is nothing more critical to ensure that we understand as auditors...
Comments (0)
What do Credit Card Companies do with Your Personal Info?
March 23, 2012 Added by:Allan Pratt, MBA
The types of personal information companies collect and share depends on the product or service you get from them. This info can include: Social Security number and income, account balances and employment details, and credit history and transaction history...
Comments (0)
SSAE 16 is NOT SOC 2
December 22, 2011 Added by:david barton
Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...
Comments (2)
SOX Compliance and Evolution to GRC Conference
October 20, 2011 Added by:Infosec Island Admin
The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...
Comments (0)
SOX Compliance and Evolution to GRC Conference
September 14, 2011 Added by:Infosec Island Admin
While maintaining the focus on the continual optimization of the SOX program, 22nd edition conference will draw on the more recent challenges being faced by SOX professionals in light of the recent economic climate and new Dodd-Frank requirements...
Comments (0)
Could a Cyber Attack Shut Down the Stock Exchange?
August 19, 2011 Added by:Scot Terban
The system is vulnerable to attacks that would have great consequences to the financial system within the US as well as potentially the world. Perhaps Mr. Kass is just looking to leverage the fear, perhaps he is trying to fire off the "Bat Signal” that something is wrong or inevitable...
Comments (0)
Financial Industry Guidance on the Use of Social Media
August 14, 2011 Added by:David Navetta
Banks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been issued by BITS...
Comments (0)
Get Digitally Secure Before it’s Mandatory
June 17, 2011 Added by:Robert Siciliano
It is possible to secure systems against most cybercrime but that level of security often proves too inconvenient for consumers. As long as banks continue absorbing losses from fraud, consumers remain blissfully ignorant of the consequences of inadequate security...
Comments (0)
New Class of App – Business Financial Management
October 19, 2010 Added by:Ben Kepes
The genesis for these apps came from the realization that looking back at a series of bank accounts or a tax return was all very well, but it would do nothing to help individuals get a picture of their ability to afford their life a week, a month or a year into the future...
Comments (0)
Organized Web Mobsters Getting Jobs Inside
September 06, 2010 Added by:Robert Siciliano
Organized crime rings recruit or place insiders to embezzle or skim monetary assets and data, the smaller end of these schemes often target cashiers at retail and hospitality establishments while the upper end are more prone to involve bank employees...
Comments (1)
Bootable USBs for Consumer Security
August 22, 2010 Added by:Brent Huston
The major problem facing online banking today is really the consumer system. Home PCs are so compromised or infected that they represent a significant issue for the banking process. Home systems can pretty easily be removed from the equation with a simple bootable LiveCD or USB key...
Comments (0)
Out-of-band banking transaction confirmation could buy some time … a year ago.
June 29, 2010 Added by:Eli Talmor
Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.
Comments (5)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers