The Great (Digital) Bank Robbery: Protect your network from “Carbanak” Malware

More details are emerging on the international cybercrime ring based out of Eastern Europe that made off with some $1 billion in two years from 100 different banks in nearly 30 countries. Their main attack vector was spearphishing emails with a CPL or Word document attachment, sent to employees of financial firms and retail organizations.…

Huge Development In Cyber Espionage Tech

The United States has reportedly managed to develop a method that allows it to permanently embed surveillance and malware tools in computers and networks around the world, according to Kaspersky Lab, a Russian cybersecurity firm. Kaspersky presented its research at a conference in Mexico Monday night. They have dubbed the creators of this technique the…

PCI DSS 3.0: Are You In Compliance Yet?

The new Payment Card Industry Data Security Standard 3.0 (PCI DSS 3.0) that went into effect on January 1 contains significant changes. Some of the requirements will remain suggested best practices until July 1, 2015. After that, they too become mandatory. PCI 3.0 will have the greatest impact on e-commerce merchants who partner with third…

What You Need To Know About Car Hacking

That snazzy new car may be looking a little less appealing right now, following this week’s 60 Minutes show on car hacking, teamed with a Senator’s report detailing how wireless technologies in new cars can be exploited by both criminals and marketing mavens. Bottom line: the chances of your car being hacked, right now and…

A Benchmark For Managing Conduct Risk

Regulators are increasingly interested in how financial firms are managing conduct risk. Thomson Reuters’ second annual survey on conduct risk identifies the most important industry-wide trends, and is based on a global survey of more than 200 compliance and risk practitioners from financial services firms. The report can act as a framework against which firms…

Securing Billions of Smart Things

There are roughly 25 billion smart devices and objects busily gathering data and beaming information back to their respective motherships (and business partners). That’s up from 7 billion things a mere five years ago. And five years from now? The consensus is 50 billion things will be interconnected, merrily gathering data, and making our lives…

Has Sloppy Security Slipped Into Your Network Ecosystem?

Much has been said about Sony, and much remains to be said. But the bottom line is that Sony was a cyber attack that was simply waiting to happen. This is a company that has been repeatedly hit by malicious hackers who, angered by Sony’s approach to Digital Rights Management, were determined to wreak havoc…

Does Your Organization Need Cyber Insurance?

News about the damage associated with the Sony breach keeps coming, and is most likely going to reach new heights over the Christmas break. Meanwhile, criminals keep conducting immensely successful hack attacks against huge brands that should have the financial assets and talent to protect against breaches. Has this risk management gone very wrong —…

The New Federal Strategic Health IT Plan

The Office of the National Coordinator for Health IT, a unit of the Department of Health and Human Services, has issued its Strategic Health IT Plan for 2015 to 2020. The plan, developed in collaboration with more than 35 federal agencies, has five main goals: Furthering the adoption of health IT Improving the security and…

Free Security Awareness Training for Financial Industry Executives

Security awareness will be a focus for banking regulators in 2015, with a focus on financial institutions’ C-suite executives and boards of directors. It’s likely that an in-depth refresher program will be a must for many, as new regulations are more complex and put a strong emphasis on cybersecurity preparedness. One resource that financial institutions…