Tag: Banking

Banking

New Study Reveals the True Effect Data Breaches have on Customer Loyalty

Suffering a breach is scary. The loss of crucial data and records can deal a crippling blow for any organization forced into extended downtime. But the worst part of a breach may not be the attack itself; the repercussions of this attack can have much further reaching effects. We’ve speculated about this effect in the past, but a new study by Carnegie Mellon University (reported on by The Register) confirms our suspicions: suffering a breach can cost you customers. Lack of Information Studies connecting consumer loyalty to breaches or fraud have been hard to come by in recent years, making this study especially noteworthy. Generally, we know that stock prices of organizations – especially financial institutions – take a hit after suffering breaches,

Read More »
Banking

Catching Cyber Criminals

We have a habit of profiling major cyber crimes in this space. The breaches that grab our attention, foreshadow coming doom – and so on and so forth. It’s important to remember, however, that there are real people behind these attacks. Real people who can be caught red-handed. The Crime The London Metropolitan Police’s Falcon cybercrime unit recently announced the arrest of a British man for stealing up to £840,000 ($1 million) in an online banking fraud scheme. Tomasz Skowron launched a malware attack in December 2014, targeting computers around the world. Notably, several companies in Australia were affected and forced to make payments. To facilitate this, Skowron set up a “money mule” system of bank accounts to which the

Read More »
Banking

The Compliance Issue: Taking IT Security a Step Further

Complying with cybersecurity regulation is at the forefront of many companies’ minds. Perhaps to their own detriment, according to David Glockner, the regional director at the U.S. Securities and Exchange Commission’s (SEC) Chicago Regional Office. Quoted in SC Magazine, Glockner encouraged attendees at an SC Congress meeting in Chicago to think about cybersecurity, “divorced from the regulatory landscape.” Instead, he made the case that companies should think about their cybersecurity from a business perspective. “What is your most sensitive information? What are your most sensitive operations and what vulnerabilities do you have? And thinking about how you protect what’s critical to your business operation in most instances is going to get you most, if not all of the way, toward

Read More »
BAI Security Compromise Assessment

Unseen Consequences: The Ripple Effects of a Data Breach

A data breach results in some obvious, immediate impacts. Your customers’ and/or patients’ data is exposed, for one. Even if you don’t lose their business, there will likely be some fences to mend to regain their trust. However, what often gets lost in the aftermath of significant breaches is the ripple effect these attacks can have on all levels of your business. These ripples are currently shaking an in-transition Yahoo to its core. Market Loss As you’ve probably heard, Yahoo recently announced that at least 500 million user accounts were breached in a late 2014 attack, making it potentially one of the largest cyber breaches ever. This news came at a particularly bad time, as Verizon was willing to bid

Read More »
Banking

The Year of Ransomware

Ransomware is a threat you’ve probably heard a lot about in 2016. That’s not without good reason – it’s one of the main cybersecurity threats facing businesses today. Though preventative steps do exist, this is still an extremely effective attack method you can’t afford to ignore. One successful attack is all it takes to set your business back drastically. The Method Victims of ransomware receive demands for bitcoins, the volatile virtual currency whose value to real world dollars can rapidly change at any moment, making it even more difficult for a business to secure their data’s release. The standard attack goes like this: Online gangs of cyber criminals remotely encrypt and lock computers, leaving victims with a ransom screen they can’t

Read More »
Assessment

HIPAA Audits And Data Security

A random audit program to gauge Phase 2 HIPAA compliance is expected to be underway soon. This round will target business associates, including financial institutions that are typically exempted from HIPAA compliance when they provide what are considered to be typical banking services such as payment processing and credit/loans. But financial institutions that “create, receive, maintain, or transmit” protected health information may now have direct obligations under HIPAA. This round will include both on-site and off-site reviews. Off-Site Audits Off-site audits focus on documentation reviews. These audits typically focus on one of the three mail HIPAA provisions – breach notification, security, or data privacy protocols. Documentation cannot be created after you receive the audit request, so review your policies and

Read More »
Attack

Huge Development In Cyber Espionage Tech

The United States has reportedly managed to develop a method that allows it to permanently embed surveillance and malware tools in computers and networks around the world, according to Kaspersky Lab, a Russian cybersecurity firm. Kaspersky presented its research at a conference in Mexico Monday night. They have dubbed the creators of this technique the “Equation Group,” and have broadly hinted that it is tied to the U.S National Security Agency and its military partner, United States Cyber Command, due in part to a similarity between Stuxnet – the computer worm that disabled about 1,000 centrifuges in Iran’s nuclear enrichment program – and the new malware platform. But the Equation’s level of sophistication makes Stuxnet seem like child play, according

Read More »
Audit Results

BAI SECURITY – MID-YEAR TOP-4 SECURITY RISKS

First, it should be noted that this list is compiled from IT Security Audits performed by BAI Security during January to July of 2013 and is not intended to be a comprehensive list of all security risks.  BAI Security specializes in auditing regulated organizations, such as those in banking and finance, pharmaceutical, healthcare, insurance, and the utility sector.  While commonalities often exist, the results found here are not necessarily representative of businesses outside of these sectors. Social Engineering Social engineering has long been a serious security concern, but more recently organizations are slipping even further into a much higher level of risk in this area.  Even with most organizations performing annual end-user security awareness training, which usually includes a piece on social

Read More »