I no sooner finished my most recent post on Business Continuity Planning, and we (BIS) published the transcript of a podcast conducted with Roger Batsel (CISO Interviews: Roger Batsel, Republic Bank, on Business Continuity/Disaster Recovery), SVP, Managing Director of Information Systems at Republic Bank, Louisville,...
Whenever family or friends or otherwise ask what I do or what kind of company I work for, I always take the opportunity to start off with a question: Do you know what "information security" is? I do not expect much, as I myself could not quite give a clear definition before working in the position I hold now. No one...
When an institution's focus turns to compliance with the Gramm-Leach-Bliley Act (GLBA), questions always pop up -- What should the institution's core GLBA program include; who should be involved; what kind of information is needed, and what should be prepared for an assessment?
We've asked industry...
Just the other night, I was watching the 1958 classic movie about the sinking of the Titanic. You know, the one that told the straight story before Leonardo DiCaprio and Kate Winslet's steamy romantic version?
A Business Impact Analysis (BIA) is an integral part of developing a Business Continuity Plan for any type of disaster, and the Federal Financial Institutions Examination Council (FFIEC) has released recent guidance about enhancements to the BIA and testing discussions.
According to the latest update to the FFIEC's...
My recent post on Business Continuity Planning and its role in supporting institutions affected by the recent Midwest flooding generated more than its fair share of dialogue with my peers.
So much of what's required by regulation often presents itself as a documentation exercise and rarely transcends the...
Was it the largest synchronized security update in the history of the Internet?
On Tuesday, a coordinated patch was released by security researcher Dan Kaminsky of IOActive, fixing a vulnerability that exists in all Domain Name System (DNS) servers.
What does that mean for financial institutions? Patches are...
Financial institutions are increasingly better prepared for a pandemic disaster, but cyber security attacks are a growing concern.
This is the message from the current and past chairmen of the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC).
George...
The parent company of the Montgomery Ward website had at least 51,000 records stolen out of a database last December, but failed to notify its customers.
The breach, first detected by Citigroup, a financial services company, showed hackers found a way into HomeVisions.com, a separate website of Direct Marketing...
The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Keeping abreast of what's going on in the regulatory compliance domain is something I need to do. It's sort of the life-blood of my career these days, as I spend most of my time either managing or executing audit and assessment activities predicated upon the various regs. Beyond wanting to be certain that my clients...
How to Put the "Business" back into Business Continuity Planning
Planning for disaster - whether a simple service disruption or a pandemic event - is paramount to any financial institution. But where does the responsibility fall?
Roger Batsel, SVP, Managing Director of Information Systems at Republic Bank,...
When a Dallas, TX bank needed some help to stop unauthorized data, it pulled out the biggest guns it could locate to stop the data leaking out of its networks.
The choice was a natural progression of what the bank was already doing to stop data loss, according to Omni American Bank's Chief Information Officer Tony...
Our insightful content just became a whole lot more interactive - and opinionated.
With the debut of five new blogs on BankInfoSecurity.com and CUinfoSecurity.com, Information Security Media Group (ISMG) is opening the floodgates to a whole new level of informed opinion and two-way communication with its vast...