On Identity Theft and Breaking the Wrong Record

September 2, 2008 - Linda McGlasson

Everyone was watching the Olympics this past month and saw lots of records being broken. But there is one record no one want to be included in -- the record number of 449 data breaches that have happened (and been made public) and recorded by the Identity Theft Resource Center.

Unfortunately for some unlucky players (and their customers) in the financial services industry, they're on this year's list....

Read More

ID Theft Red Flags: The Only Compliance Initiative Your Customers Care About

August 29, 2008 - Mike D'Agostino

GLBA who? Bank Secrecy what? Insider Threat?...is that something mob-related?

Your customers may not even know your institution is examined for security compliance by the banking regulatory agencies, and so most likely will have never even heard about the ID Theft Red Flags Rule and the impending November 1 compliance date. That being said, the resulting preparedness by financial institutions to adhere to the Red Flags Rule and strengthen their position against identity thieves will hopefully have a resounding effect on said customers.

I'm convinced that if you asked the majority of people how their bank operates -- more specifically, how their bank operates in a "secure" manner -- they would be clueless. I have no caveats saying the general public has no concept of how their private information is kept private, and the steps financial institutions go through to secure their sensitive data. Some would tell me that the general public doesn't have to know, they shouldn't care how it is done, just that it ("security") is getting done and everything is being done to keep their sensitive data private. I think I would agree, however there is one ultimate security concern that consumers have. I'll explain below......

Read More

Social Engineering: The Gorilla in the Room

August 26, 2008 - David Schneier

So, I'd started my weekly blog entry intending to discuss application security (I'm keenly interested in what the just-released BIS survey is going to reveal) when the following headline came across on my BIS RSS feed "Social Engineering Hits Brit Bank Head, Victim of Fraud."

You'll have to forgive me for being so easily distracted by this headline, but social engineering is a topic of immense interest for me these days....

Read More

Subscribe

Meet The Blogs

	There are 18,000 banking institutions in the U.S., and somebody has to blog about their breaches, concerns and security successes. Customer Confidence: Overblown or Understated? Too-Easy Authentication? Identity Theft Red Flags Rule: A Chance to Take a Stand

	From the FDIC to the NCUA, banking institutions take guidance from myriad government agencies and regulations. Here's where we make sense of it all. Countrywide and Solving the Insider Threat GLBA and Security Avoidance Questions - Why Are We Not Surprised? Train Conductor Chuck Pushed Throttle on IndyMac

	A look into how the security and privacy concerns of consumers impact financial institutions. Ouch! What If This Was Your Institution? How Financial Institutions Can Leverage Modern Bank Heists Identity Theft Red Flags & What They Mean to Banking Customers

	Not all risks are created equal. Understand, manage and transfer risks, as necessary. Ignore none. TJX Case Indictments: Lessons Learned Banking Crisis Hits Home with Community Institutions Perfect Storm or Perfect Opportunity?

	A practitioner’s view from the inside out. ID Theft Red Flags Compliance Will Impact Examinations for Years to Come Vendor Management: One Size No Longer Fits All It's Easier to Comply Than Explain Why You Haven't

The B2B World

Fraud Mitigating Rock Phish Attacks Five Business Strategies to Reduce the High Cost of Online Consumer Authentication	FACTA FDIC: Identity Theft Red Flags - Interagency Final Regulation and Guidelines Agencies Issue Proposed Rules and Guidelines that Address Accuracy and Integrity of Consumer Report Information and Rules to Allow Direct Disputes

Leadership Management Improving Business Continuity in the Financial Services Sector: A Model for Starting Regional Coalitions The State of Banking Information Security 2008 - Survey Executive Overview	Web Security PCI Compliance for IBM System i (AS/400) Global Best Practices in Email Security, Privacy and Compliance

About Our Blogs

Subscribe

Email	RSS

Timely news and analysis on the hot topics related to information security, regulatory compliance and the business issues that drive banking institutions.

The Most