Course, Financial Services and Security - Information Management Today

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

IBM Big Data Hub

APRIL 4, 2024

This leaves many organizations hesitant to make the transition, fearing they will lose the control and security they have with their on-prem environments. A third-party investment review, where the ISV provides a bill of material showing what and how services are being used to meet compliance requirements, along with price points.

Financial Services

Financial Services Cloud Compliance Digital transformation

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

DLA Piper Privacy Matters

AUGUST 8, 2023

Authors: Carolyn Bigg, Amanda Ge and Venus Cheung On July 24, 2023, the People’s Bank of China (“ PBOC ”) released the Measures for the Management of Data Security in the Business Areas Falling into PBOC’s Jurisdiction (Draft for Comment) (“ Draft Measures” ) for public consultation, which closes on August 24, 2023.

Financial Services

Financial Services Personal data Compliance Data collection

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

The financial sector is quite heavily regulated, and involves a lot of confidential data. You’d therefore expect that the sector fares better at data security than your average organisation. Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services.

Risk

Risk Data breaches Authentication Financial Services

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

An Update on the SEC’s Cybersecurity Reporting Rules

Hunton Privacy

FEBRUARY 22, 2024

Securities and Exchange Commission’s (“SEC’s”) Form 8-K cybersecurity reporting rules under new Item 1.05, this blog post provides a high-level summary of the filings made to date. It is interesting, but perhaps coincidental, that the filings seem limited to two broad industry groups: technology and financial services.

Cybersecurity

Cybersecurity Financial Services Marketing IT

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

financial services firm Ameriprise uses the domain ameriprise.com; the Disneyland Team’s domain for Ameriprise customers is [link] [brackets added to defang the domain], which displays in the browser URL bar as ? Most Web browser makers, however, have spent years adding security protections to block such nefarious activity.

Phishing

Phishing Authentication Financial Services Access

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

The Last Watchdog

NOVEMBER 13, 2018

Cybersecurity vendors, of course, have been responding. And innovation is percolating among newer entrants, like PerimeterX, Shape Security and Signal Sciences. This week a new entrant in this field, Cequence Security , formally launched what it describes as a “game-changing” application security platform.

Security

Security Digital transformation B2C B2B

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The challenge of the moment is that many companies already have their hands full trying to improve their security posture as they migrate their legacy, on premises, IT systems to the cloud. The operating systems of home IoT devices today typically get shipped with minimal logon security. This is a sign of IoT attacks to come.

IoT

IoT Passwords Artificial Intelligence Risk

Combat the increasing ransomware threat by educating employees

IT Governance

FEBRUARY 28, 2018

Healthcare was the most affected industry (76%) and financial services the least (45%). End users – and human error – is so often the weakest link in your security, but well-trained users can be your strongest asset.” This ten-minute course provides an introduction to phishing and ransomware. Key findings.

Education

Education Ransomware Phishing Financial Services

How to Prevent Data Breaches: Data Breach Prevention Tips

eSecurity Planet

AUGUST 22, 2023

And breaches will occur – because bad guys make a living by figuring out ways to circumvent security best practices. Prioritize Data Protection The downfall of many security strategies is that they become too general and too thinly spread. But it requires different levels of security.

Data breaches

Data breaches Big data Cybersecurity Security

Impact of IDP on Business Growth – Customer Onboarding Use Case

Info Source

JULY 6, 2023

t starts with the prospect, who has researched alternatives based on her/his specific needs selecting a financial services provider and type of loan and submitting a request. The financial services institute requests a proof of identity and documentation to ensure that the person qualifies e.g., proof of residence, income etc.

Customer Experience

Customer Experience Communications Financial Services Insurance

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Krebs on Security

OCTOBER 7, 2022

who in April 2022 opened an investigation into fraud tied to Zelle , the “peer-to-peer” digital payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Elizabeth Warren (D-Mass.), Bank , and Wells Fargo. ” Sen. Warren’s report is available here (PDF).

Passwords

Passwords Financial Services IT Phishing

Report shows increase in social engineering

IT Governance

JULY 13, 2018

The report found that about 55% of social media attacks that impersonated customer-support accounts specifically targeted the customers of financial services companies. Organisations need to educate their staff to be alert, vigilant and secure.

Phishing

Phishing Financial Services Education Risk

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Data Protector

JANUARY 29, 2017

The potential fine for not informing individuals, as their personal data is being collected, about retention periods is of course significant. Does it really mean that in 481 days, European privacy regulators will be heralding the first megafine for non-compliance with one of the GDPR’s more obscure requirements? I think not.

GDPR

GDPR Privacy Compliance Personal data

25% increase in confidential data theft

IT Governance

DECEMBER 7, 2017

Organisations across many industries face the risk of data theft, but those in the financial services sector are particularly vulnerable to the loss of “propriety algorithms”, and recruitment agencies and estate agents risk losing highly valuable client databases.

Education

Education Information Security Financial Services Risk

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

Security awareness training still has a place to play here." Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. Is the email enticing you to click on a link?' I'm being asked to do something here.'"

Phishing

Phishing Security awareness Insurance Cybersecurity

FCA Publishes Wholesale Banks and Asset Management Cyber Multi-Firm Review Findings

Data Matters

FEBRUARY 28, 2019

The review aimed to look more closely at how wholesale banking and asset management firms oversee and manage their cybersecurity, including the extent to which firms identify and mitigate relevant cyber risks and their current capability to respond to and recover from data security incidents.

Cybersecurity

Cybersecurity Risk Marketing Financial Services

Why Modernization Must Start with Your Employee Workflows

Rocket Software

NOVEMBER 16, 2021

Efficiency impacts revenue, customer service, brand reputation, the list goes on and on. Of course, at Rocket, we believe in the power of cutting-edge technology to keep operations running smoothly for enhanced outcomes. As a result, millions of dollars are spent paying people to engage with systems tediously.

Customer Experience

Customer Experience Financial Services Insurance Compliance

The Importance of “Legacy” in Colleges and Universities

Rocket Software

JUNE 3, 2020

They run efficiently and they are secure. COBOL programming has been around for more than 60 years, and many consider this a “legacy” language, even though it is still used by governments and the financial services sector. Legacy means secure. But the myth about needing specific skills to run these systems?

Agriculture

Agriculture Education Financial Services Government

Protection of Privilege in the Aftermath of a Data Breach

Data Matters

JANUARY 25, 2018

In the aftermath of a significant data security incident, a best practice is to hire a third-party forensic firm, working at the direction of counsel, to review how the breach occurred, what data may have been accessed, whether the incident has ceased and other important issues directly relevant to legal counsel’s review. In Leibovic v.

Data breaches

Data breaches Communications Financial Services Privacy

Protecting the bank in a digital world

CGI

FEBRUARY 21, 2017

As financial services organizations are learning, defences against financial crime must be joined up and layered, bringing together both operational and intelligence resources. Defence is no longer just an IT security issue. What can be done short of throwing billions of dollars at the problem? AFC is not new.

Customer Experience

Customer Experience Financial Services Analytics Risk

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

Of particular concern to state-level policymakers and enforcement authorities are business practices that in their view may contribute to security incidents. The insurance industry has not been immune from such scrutiny, and the imposition of business practice requirements intended to enhance cybersecurity sector-wide.

Insurance

Insurance Cybersecurity Data breaches Financial Services

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Browse online using secure networks.

Retail

Retail e-Delivery Passwords Phishing

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

The PIPL also anticipates that a new publicly-available entity list may be published, listings foreign organisations to whom local China organisations may not transfer personal information, where such transfer may harm national security or public interest. This aligns with a similar provision in the new Data Security Law.

Data Privacy

Data Privacy Privacy Compliance Analytics

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Not to mention retirement (from Social Security to 401ks, etc.). Of course, were such a hypothesis true, one might imagine that the over percentage of GDP represented by government workers would have gone *down* over the past few decades. Social security has risen a lot. No wonder 2008 was such a (continuing) disaster.

Government

Government Education Military Financial Services

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No.

Insurance

Insurance Cybersecurity Risk Education

Best practices for hybrid cloud banking applications secure and compliant deployment across IBM Cloud and Satellite

IBM Big Data Hub

NOVEMBER 29, 2023

Financial Services clients are increasingly looking to modernize their applications. Moreover, many of these financial services applications support regulated workloads, which require strict levels of security and compliance, including Zero Trust protection of the workloads. initiative.

Cloud

Cloud Financial Services Security Compliance

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

MARCH 30, 2023

International Activities Over the course of 2022, the DPC continued to participate in work programmes of European supervisory bodies and, despite continued travel restrictions, the DPC attended and actively participated in monthly plenary meetings (approximately 300).

Personal data

Personal data GDPR Compliance Financial Services

Observations on the Cybersecurity Executive Order and Presidential Policy Directive

Hunton Privacy

FEBRUARY 19, 2013

On May 29, 2009, the President promised to avoid security regulations even though he acknowledged that “the vast majority of our critical information infrastructure in the United States is owned and operated by the private sector.” by passing legislation to give our government a greater capacity to secure our networks and deter attacks.”

Cybersecurity

Cybersecurity Agriculture Risk Government

What Are Firewall Rules? Ultimate Guide & Best Practices

eSecurity Planet

JANUARY 24, 2024

They help IT and security teams manage the traffic that flows to and from their private network. Firewall rules are ordered differently, too, so the network automatically prioritizes the most critical security restrictions and applies those rules above others. Access rules help block known malicious traffic sources.

Access

Access Financial Services Compliance Security

Capturing Paper Documents - Best Practices and Common Questions

AIIM

OCTOBER 22, 2019

Wider and more profitable opportunities exist for organizations to bridge the gap between paper and digital media, especially in traditionally paper-intensive fields such as financial services, healthcare, or government. What are the common issues with Scanning? Scanning is important, but it is not easy to do correctly.

Paper

Paper Computer and Electronics Access Archiving

After the Token Act: A New Data Economy Driven By Small Business Entrepreneurship

John Battelle's Searchblog

OCTOBER 31, 2018

Of course Michelle will leverage Adwords, and Facebook, and any other advertising service to help her new business grow. But none of those services can help her figure out her je ne sai quois – for that, she needs something entirely novel. Transportation Services. Real Estate Services (Commercial).

Marketing

Marketing Retail Blockchain Mining

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

MAY 24, 2021

Akamai, which happens to be the Hawaiian word for “smart,” recently released its annual State of the Internet security report. As a leading global content delivery network (CDN), Akamai has a birdseye view of what is coursing through cyber space moment-by-moment. Financial services is, and always will be, a top target for criminals.

Financial Services

Financial Services Passwords Data breaches Authentication

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member. Unfortunately, Otsuka said, the scammers are defeating this layered security control as well.

IT

IT Passwords Authentication Phishing

Tuesday’s Relativity Fest 2019 Sessions: eDiscovery Trends

eDiscovery Daily

OCTOBER 21, 2019

Find out: How they really feel about security? How law firms can provide more valuable services? Mobile Data Best Practices: Legal, Business, and Security Considerations. Data Security in a Data Proliferating World. Hear directly from corporate legal teams about what they want their outside law firms to know.

e-Discovery

e-Discovery e-Delivery GDPR Education

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

The Last Watchdog

JUNE 28, 2021

This of course is how they get a toehold to go deeper. Microsoft said it notified the targeted 150 organizations, which included “IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations and think tanks, as well as financial services.” I’ll keep watch and keep reporting.

Phishing

Phishing Passwords Authentication Financial Services

The Hacker Mind Podcast: Hacking APIs

ForAllSecure

JUNE 16, 2021

APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. During the pandemic sales of the Home Fitness cycle peloton grew massively, given its popularity, it's natural that security researchers would want to take a look. And we've had our fair share of security concerns with those.

Authentication

Authentication Communications IoT Security

The Hacker Mind Podcast: Hacking APIs

ForAllSecure

JUNE 16, 2021

APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. During the pandemic sales of the Home Fitness cycle peloton grew massively, given its popularity, it's natural that security researchers would want to take a look. And we've had our fair share of security concerns with those.

Authentication

Authentication Communications IoT Security

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

Securities and Exchange Commission Source 1 ; source 2 (New) Public USA No 0 NETGEAR Source (New) Telecoms USA No 0 Note 1: ‘New’/‘Update’ in the first column refers to whether this breach was first publicly disclosed this week, or whether a significant update was released this week.

Data Privacy

Data Privacy Privacy Manufacturing Retail

Reltio Named a Leader in the 2021 Forrester Wave™ Report for MDM

Reltio

DECEMBER 10, 2021

Reltio scored well in matching, context, governance, business templates, deployment, security, and scalability. Reference customers liked its capabilities around user-friendly search, ease to manage, and reliability, as well as its well-managed software-as-a-service (SaaS) platform.”.

MDM

MDM Analytics Digital transformation Cloud

Comments Sought on Proposed Rulemaking: Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

Data Matters

DECEMBER 23, 2020

Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR). On December 15, 2020, the U.S.

Security

Security Cybersecurity Insurance Communications

Best Fraud Management Systems & Detection Tools in 2022

eSecurity Planet

SEPTEMBER 16, 2022

In its 2021 Threat Force Intelligence Index , IBM reported that manufacturing and financial services were the two industries most at risk for attack, making up 23.2% Fraud.net offers specific solutions for a number of industries, including gaming, financial services, and eCommerce, as well as government organizations.

Analytics

Analytics Risk Authentication Financial Services

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

OCTOBER 5, 2021

But even when passwords are secure, it’s not enough. Initially, security vendors only offered two-factor authentication. Since then, security vendors have introduced new methods for authentication, which can be layered to create a multi-factor authentication solution. This post has been updated for 2021. Something you have.

Authentication

Authentication Passwords Access Computer and Electronics

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

Is there something more secure? Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today, and why even multi-factor access, while an improvement, needs to yield to more effortless and more secure passwordless technology that’s coming soon.

Passwords

Passwords Authentication Access Data breaches

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

Webinars

Trending Sources

Risk Management under the DORA Regulation

Webinars

Catches of the Month: Phishing Scams for October 2023

An Update on the SEC’s Cybersecurity Reporting Rules

Disneyland Malware Team: It’s a Puny World After All

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

Combat the increasing ransomware threat by educating employees

How to Prevent Data Breaches: Data Breach Prevention Tips

Impact of IDP on Business Growth – Customer Onboarding Use Case

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Report shows increase in social engineering

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

25% increase in confidential data theft

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

FCA Publishes Wholesale Banks and Asset Management Cyber Multi-Firm Review Findings

Why Modernization Must Start with Your Employee Workflows

The Importance of “Legacy” in Colleges and Universities

Protection of Privilege in the Aftermath of a Data Breach

Protecting the bank in a digital world

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

50 Ways to Avoid Getting Scammed on Black Friday

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Government By Numbers: Some Interesting Insights

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Best practices for hybrid cloud banking applications secure and compliant deployment across IBM Cloud and Satellite

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

Observations on the Cybersecurity Executive Order and Presidential Policy Directive

What Are Firewall Rules? Ultimate Guide & Best Practices

Capturing Paper Documents - Best Practices and Common Questions

After the Token Act: A New Data Economy Driven By Small Business Entrepreneurship

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Tuesday’s Relativity Fest 2019 Sessions: eDiscovery Trends

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

The Hacker Mind Podcast: Hacking APIs

The Hacker Mind Podcast: Hacking APIs

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

Reltio Named a Leader in the 2021 Forrester Wave™ Report for MDM

Comments Sought on Proposed Rulemaking: Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

Best Fraud Management Systems & Detection Tools in 2022

Multi-Factor Authentication Best Practices & Solutions

The Hacker Mind Podcast: Going Passwordless

Stay Connected