Financial Services


FS-ISAC to Share Threat Intelligence With Federal Reserve Banks

September 16, 2015 Added by:InfosecIsland News

The Financial Services Information Sharing and Analysis Center (FS-ISAC) announced an arrangement with the Federal Reserve Banks to provide direct access to FS-ISAC security threat information to over 10,000 of their financial institution customers.

Comments  (0)


Inadequate Processing Parameters Add More Chinks in the EMV Armor

August 19, 2015 Added by:Idan Aharoni

Inteller has received information from well-informed industry sources that banks have recently observed several new schemes targeting EMV which were successful in circumventing the standard. While these particular incidents were also limited to SDA, unlike the previously-reported case, they were made possible due to elements in the transaction authorization process that could, theoretically, also ...

Comments  (0)


Challenges and Solutions of Threat and Vulnerability Sharing in 2015

June 29, 2015 Added by:Shawn Masters

Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection

Comments  (0)


Preview: Suits and Spooks London - May 6-7, 2015

April 16, 2015 Added by:Eduard Kovacs

With less than three weeks to go until Suits and Spooks London 2015 kicks off, the agenda is nearly finalized. Our first 2-day international event will host experts in cyber warfare, intelligence, advanced persistent threats, sophisticated malware, and political issues.

Comments  (0)


Webcast: Using Global Intelligence Data to Prevent Online Fraud and Cybercrime

December 12, 2014 Added by:InfosecIsland News

Please join ThreatMetrix and SecurityWeek on Thursday, Dec. 18th, 2014 at 1PM ET for a Live Webcast.

Comments  (0)


Last Chance to Register for Suits and Spooks New York

June 18, 2014 Added by:Mike Lennon

Suits and Spooks NYC will feature over 20 expert speakers in the areas of financial intelligence, special operations, information security, money laundering, and the protection of critical infrastructure.

Comments  (0)


The Perils of Combining Security and Compliance

January 27, 2014 Added by:Robb Reck

There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.

Comments  (0)


ATM Security (And Really Learning from the Past)

May 14, 2013 Added by:Andy Willingham

There are lots of other things that go into ATM security that can have a big impact on ensuring that it is as secure as possible.

Comments  (1)


We Hope SOC 2 Fails...

June 11, 2012

SOC 2 has the potential to unify the risk assurance industry by consolidating multiple audits, standards, and compliance requirements under one umbrella engagement. However, if the market is allowed to define anything as internal controls over financial reporting (ICFR), SOC 2 is destined to fail...

Comments  (0)


Financial Organizations Struggle with Out of Band Authentication

May 09, 2012 Added by:Brent Huston

Financial organizations have been working on implementing out of band authentication (OOBA) mechanisms for specific kinds of money transfers such as ACH and wires. While this authentication method does add some security to the process, it does not come without its challenges...

Comments  (1)


SOC 2: The Customer Security Questionnaire Killer

May 07, 2012 Added by:Jon Long

User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...

Comments  (0)


Assurance : Don't Worry, I've Got This...

April 06, 2012 Added by:Jon Long

There is nothing that changes faster than technology, and if you are not ahead of it, you are ancient history. Within the category of technology, security is at the forefront of rapid change, and there is nothing more critical to ensure that we understand as auditors...

Comments  (0)


What do Credit Card Companies do with Your Personal Info?

March 23, 2012 Added by:Allan Pratt, MBA

The types of personal information companies collect and share depends on the product or service you get from them. This info can include: Social Security number and income, account balances and employment details, and credit history and transaction history...

Comments  (0)


SSAE 16 is NOT SOC 2

December 22, 2011 Added by:david barton

Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...

Comments  (2)


SOX Compliance and Evolution to GRC Conference

October 20, 2011 Added by:Infosec Island Admin

The SOX Compliance series is targeted at a focused group of senior level executives to maintain an intimate atmosphere for the delegates and speakers. Since it is not a vendor driven conference, the higher level focus allows the delegates to network with their industry peers and speakers...

Comments  (0)


SOX Compliance and Evolution to GRC Conference

September 14, 2011 Added by:Infosec Island Admin

While maintaining the focus on the continual optimization of the SOX program, 22nd edition conference will draw on the more recent challenges being faced by SOX professionals in light of the recent economic climate and new Dodd-Frank requirements...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »