Solutions Review

SEPTEMBER 8, 2023

Unfortunately, the information being fed to CISOs about the state of cybersecurity risk is incomplete. That state of affairs is likely to remain until the inherent risk posed by vulnerable storage and backup systems is addressed. The average enterprise storage device has around 15 vulnerabilities or security misconfigurations.

Cyber Resilience 105

Cyber Resilience Backup Resilience Vulnerability 105

everbridge

MARCH 7, 2025

Security threats are evolving rapidly, shaped by a combination of cyber vulnerabilities, supply chain risks, geopolitical instability, and natural disasters. According to the National Institute of Standards and Technology (NIST), nearly 43% of cyberattacks in 2023 targeted vulnerabilities within third-party supply chains.

Resilience 52

Resilience Security Emergency Response Emergency Response 52

NexusTek

APRIL 19, 2023

The Facts: Financial Services Industry and Cyber Threats Year after year, cybersecurity research reveals the ugly facts. Getting a sense that their bank, lender, or investment firm has weak security can drive customers to close their accounts and switch to a competitor.

Financial Services 98

Financial Services Security Banking Cybersecurity 98

everbridge

JANUARY 10, 2025

This concept, as defined by the European Banking Authority, emphasizes ensuring that essential services continue to function amid challenges such as cyber-attacks, natural disasters, regulatory changes, or supply chain disruptions. Map out dependencies across operations , including third-party vendors and supply chains.

Resilience 52

Resilience Financial Services Vulnerability Business Continuity 52

LogisManager

JULY 30, 2024

CrowdStrike , an American cybersecurity company, pushed out a faulty update to its Falcon Sensor software, causing approximately 8.5 Planes were grounded, banks were frozen, and hospitals were in chaos. One company’s screw-up spiraled into a global disaster, hitting everyone from airlines to banks.

Risk Management 98

Risk Management Management Outage Banking 98

FS-ISAC

MARCH 2, 2021

Insights spoke with ING CISO Beate Zwijnenberg about the opportunities and challenges of applying technologies like artificial intelligence and machine learning to cybersecurity. As financial institutions race to digitise products and services, how should they think about applying new technologies to cybersecurity?

Cybersecurity 52

Cybersecurity Malware Banking Architecture 52

Citrix

JANUARY 25, 2023

Zero trust has become a crucial component in the cybersecurity strategy of organizations everywhere. More and more enterprises are finding themselves turning toward zero trust architecture to keep their data, infrastructure, and other assets safe.

Architecture 66

Architecture Banking Vulnerability Mitigation 66

FS-ISAC

JULY 27, 2023

Jerry Perullo draws on more than two decades of experience, including as CISO at Intercontinental Exchange/New York Stock Exchange (ICE/NYSE), and recently as interim CISO at Silicon Valley Bank, to explain his framework for presenting cybersecurity risks and solutions to the Board. Yet, cybersecurity isn’t on the list.

Cybersecurity 52

Cybersecurity Vulnerability Banking Risk Management 52

FS-ISAC

NOVEMBER 8, 2021

Insights spoke with BBVA CISO Alvaro Garrido to discuss how he sees cybersecurity evolving over the next several years. BBVA was the first bank in Europe to launch a crypto custody service. How can a bank decide whether to build crypto custody services or partner with third-party providers? However, it is not a silver bullet.

Security 52

Security Banking Cybersecurity Marketing 52

Online Computers

OCTOBER 29, 2023

With the state taking cybersecurity more seriously, every business owner across the state should do the same. Whether you’re a small- or medium-sized business (SMB) or a large corporation, you need to be savvy about cybersecurity. Here are some of the key things you need to know about cybersecurity in 2023.

Malware 52

Malware Security Cybersecurity Vulnerability 52

FS-ISAC

JUNE 30, 2022

More than six months since Log4j made the headlines, the threat of zero-day exploits, or previously unknown vulnerabilities, looms large over the heads of business leaders and cybersecurity teams. For one, not everyone has the resources to quickly address vulnerabilities. Unfortunately, zero-days are inevitable.

Vulnerability 52

Vulnerability Cybersecurity Malware Financial Services 52

NexusTek

APRIL 19, 2023

The Facts: Financial Services Industry and Cyber Threats Year after year, cybersecurity research reveals the ugly facts. Getting a sense that their bank, lender, or investment firm has weak security can drive customers to close their accounts and switch to a competitor.

Financial Services 52

Financial Services Security Banking Cybersecurity 52

Online Computers

NOVEMBER 27, 2023

Human vulnerability can easily be exploited by criminals. The number one phishing target: Financial institutions Not surprisingly, financial institutions such as banks, payment systems, online stores, and eCommerce are the most popular targets of phishing scams. Phishing is quite effective.

eCommerce 52

eCommerce Vulnerability Cybersecurity Logistics 52

Solutions Review

SEPTEMBER 14, 2021

TITLE: Risk Management for Cybersecurity and IT Managers. Dion guides his students through the foundations of risk management, particularly with regard to cybersecurity and information technology. The Best Risk Management Courses on Udemy. None of these things have anything to do with proper risk management. GO TO TRAINING.

Risk Management 98

Risk Management Management Government Vulnerability 98

Online Computers

OCTOBER 8, 2021

According to Akamai Security, credential stuffers readily swiped not just bank details and personal data, but even rewards from retail and loyalty programs, such as gas cards, hotel stays, and airline miles. Credential stuffing is a threat to businesses because exploited user accounts may be used to explore your network’s vulnerabilities.

Banking 52

Banking Airlines Authentication Retail 52

Online Computers

NOVEMBER 30, 2023

To help prevent identity theft, follow these strategies: Create strong and unique passwords Passwords are typically used to protect email, banking, and social media accounts. Be cautious about sharing sensitive information online, such as your bank account and Social Security number. Drop us a line to learn more.

Banking 52

Banking Malware Alert Internet 52

FS-ISAC

MAY 9, 2023

Episode Notes Tabletop exercises are a crucial component for enhancing threat and vulnerability management plans in fintech. Paige Johnson, Executive Director and Head of Americas Firmwide Simulation Utility at JP Morgan Bank, discusses the origin and development of these exercises.

Banking 52

Banking Vulnerability Management Cybersecurity 52

Pure Storage

MARCH 25, 2024

Specifically, these have come from the Cybersecurity & Infrastructure Security Agency (CISA), Federal Financial Institutions Examination Council (FFIEC), and the National Cybersecurity Strategy (NCS) from the White House. CISA’s focus is on voluntary collaboration across all “critical infrastructures” in the U.S.

Financial Services 59

Financial Services Resilience Banking Risk Management 59

Pure Storage

AUGUST 3, 2023

Threat modeling is the process of identifying potential threats and vulnerabilities in a system and determining the likelihood and impact of each threat. Assets that are vulnerable to spoofing include usernames, passwords, and digital certificates. What Is Threat Modeling? This can be a serious threat to confidentiality and privacy.

Authentication 87

Authentication Vulnerability Authorization Audit 87

FS-ISAC

SEPTEMBER 8, 2021

While cybercrime has been around for decades, the 2016 cyber heist against Bangladesh Bank was a watershed moment for financial authorities around the world. In its aftermath, many financial regulators ramped up their focus on cybersecurity, delving far deeper into firms’ cyber readiness and maturity than they had previously.

Authorization 52

Authorization Banking Benchmark Cybersecurity 52

FS-ISAC

MARCH 2, 2022

For cybersecurity professionals, the rise of quantum computing will require a new vision of security that maximizes the advantages and minimizes the risks inherent in the adoption of quantum technology. Quantum sensing could also be used for internet of things (IoT), mobile banking, and more. One prime use case for this is warfare.

Financial Services 98

Financial Services Internet Fashion Technology 98

NexusTek

DECEMBER 2, 2020

In 2019, cybersecurity company Kaspersky reported that cyber-attacks directed at holiday shoppers were up 15% from the previous year. Simply having anti-virus software is not enough and doesnt protect your employees from various tactics cyber criminals will use to exploit security vulnerabilities.

eCommerce 52

eCommerce Retail Cybersecurity Vulnerability 52

Online Computers

MAY 10, 2022

A crime of opportunity happens in an instant, and that criminal can walk away with a sheet of credit card numbers or bank statements. Once an MSP has audited your network, they can find where you are most vulnerable and take the necessary measures to prevent unauthorized use of computers and wireless internet. Vindictive Employees.

Cybersecurity 52

Cybersecurity Banking Audit Internet 52

FS-ISAC

MAY 25, 2021

Banks around the world are used to quantifying financial risks such as market, credit, and liquidity risks. But in a digital finance world that is quickly advancing into uncharted territory, non-financial risks – operational risk, fraud prevention, IT risk, and cybersecurity – are increasingly critical to the business.

Banking 52

Banking Cybersecurity Mitigation Risk Management 52

Fusion Risk Management

MARCH 1, 2022

The Bank of England, as part of their operational resilience policy statement , continually outlined the need for institutions to ensure that they can continue to deliver their important business services during severe (or extreme) but plausible scenarios.

Manufacturing 52

Manufacturing Logistics Transportation Vulnerability 52

Fusion Risk Management

JANUARY 24, 2023

and the EU operate with dedicated teams who work with the organization and local regulators to address the requirements that have been established by the Bank of England (BoE), Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and other EU-based authorities. Generally, global firms with a heavy presence in the U.K.

Resilience 52

Resilience Financial Services All-Hazards Banking 52

Pure Storage

MAY 13, 2024

The last year has seen such attacks hit Bank of America , Home Depot, T-Mobile , Okta , and Citrix. To help, a new class of tools has appeared on the market: Third-party cybersecurity risk management (TPCRM) platforms can help manage both assessment and ongoing monitoring.

Audit 52

Audit Banking Benchmark Application 52

Solutions Review

MARCH 31, 2023

Backups are an essential component of several functions in the NIST Cybersecurity Framework. Specifically, backups relate to the Recover function, which involves restoring any services that were compromised in a cybersecurity incident. However, backups fail to provide protection from data theft with no chance of recovery.

Backup 119

Backup Disaster Recovery Application Outage 119

FS-ISAC

JUNE 30, 2022

To minimize disruption from third-party attacks, zero-day vulnerabilities, ransomware, and nation-state threats, regulators around the world are implementing landmark incident reporting standards. Several trade associations – including Bank Policy Institute, U.S. The age of speedy incident reporting regulation is here.

Response Plan 52

Response Plan All-Hazards Hazard Mitigation 52

Assurance IT

MAY 25, 2021

The company called in third-party cybersecurity authorities. There was a point in time when you had to hold up a bank to steal money. If they find a vulnerability in your network, they will attack, no matter what industry you’re in. Reports are claiming that the DarkSide ransomware group is responsible for the attack.

Disaster Recovery 52

Disaster Recovery Transportation Cybersecurity Authorization 52

LogisManager

MAY 22, 2023

From economic fluctuations to cybersecurity threats, from regulatory changes to environmental hazards, the risk landscape is constantly evolving, and organizations must be agile and proactive to stay ahead. In the first case, a bank faced a safety and soundness review during the recession.

Risk Management 52

Risk Management Banking Evaluation Benchmark 52

LogisManager

MAY 22, 2023

From economic fluctuations to cybersecurity threats, from regulatory changes to environmental hazards, the risk landscape is constantly evolving, and organizations must be agile and proactive to stay ahead. In the first case, a bank faced a safety and soundness review during the recession.

Risk Management 52

Risk Management Banking Evaluation Benchmark 52

Reciprocity

AUGUST 15, 2022

But as more companies use technology across all parts of the enterprise and more compliance requirements focus on cybersecurity, IT security is becoming an increasingly central part of the CMS. In June 2020, the OCC warned banks about compliance risks related to the COVID-19 pandemic. So how does a modern CMS program operate?

Management 52

Management Audit Banking Media 52

Erwood Group

MAY 20, 2024

Safeguarding Sensitive Information : For accounts containing sensitive information, such as banking, email, and social media accounts, 2FA provides an extra layer of protection, ensuring that your data remains safe. Enabling 2FA on Banking Apps Given the sensitivity of financial information, many banking apps offer 2FA.

Authentication 52

Authentication Security Banking Application 52

LogisManager

MAY 20, 2021

For example, a forensic finding made during an evaluation of Colonial Pipeline noted numerous known and preventable vulnerabilities, such as unpatched and outdated systems, that likely led to the security breach. About the Author: Steven Minksy.

Risk Management 64

Risk Management Management Authentication Hospitality 64

FS-ISAC

MAY 25, 2021

As part of our Latin America focus for this edition of FS-ISAC Insights, we spoke with Homero Valiatti, Superintendent of Information Security at Itaú, Brazil's largest bank and the largest financial institution in the southern hemisphere. This article is also available in Portuguese and Spanish.

Cybersecurity 52

Cybersecurity Malware Risk Management Banking 52

Fusion Risk Management

FEBRUARY 7, 2023

The Impacts of Globalisation on the Scope of Crises So, whilst it is evident that the ‘stick’ of regulations is very much needed and has been incredibly valuable over the past couple of years in revealing vulnerabilities and helping guide investment strategies, the challenge of complying with all regulators’ requirements remains.

Financial Services 52

Financial Services Resilience Crisis Management Vulnerability 52