SearchFinancialSecurity: GRC in the financial services industry

Advocacy group looks to foster trust in foreign service providers

Marcia Savage — Thu, 23 Apr 2009 12:22:29 EDT

A formal agreement with two Indian technology organizations expands the reach of the BITS program, with the goal of fostering trust in the security controls of international service providers.

PCI costs slow compliance projects in down economy

Marcia Savage — Tue, 13 Jan 2009 09:58:20 EST

PCI projects at some financial-services firms face scrutiny and funding shortfalls due to economy.

PCI 1.2: Seven key changes for financial organizations

Rick Lawhorn, Contributor — Tue, 09 Dec 2008 16:40:15 EST

PCI DSS version 1.2 was released on Oct. 1. So what changes will effect financial services firms? In this tip, we explore seven key changes that financial firms need to pay attention to.

Using an information security council

Eric Holmquist, Contributor — Tue, 11 Nov 2008 14:38:17 EST

Getting cross-discipline cooperation for company-wide, security related policies is a challenge many financial firms face. Expert Eric Holmquist suggests creating an information security council to overcome this problem. In this tip, learn what attributes the council should have.

Rogue activity thwarted by early warning systems

Keith White, Contributor — Tue, 07 Oct 2008 14:36:08 EDT

Early warning systems are some of the most helpful in tracking down and eventually stopping rogue employees. So what's the best way to create such a system and identify associates that are putting the institution at risk? Expert Keith White gives his advice.

Strategic metrics for information security at financial services firms

Pete Lindstrom, Contributor — Tue, 23 Sep 2008 13:48:13 EDT

Risk and information security can be tough to measure, however information security metrics can help. Expert Pete Lindstrom shares his picks for the top 10 strategic information security metrics.

Black Monday 2008 has security pros nervous

Sarah Hurley, Editor — Thu, 18 Sep 2008 10:48:48 EDT

Information security pros in the financial sector know layoffs and budget cuts are likely in store, but some opportunistic firms may be able to take advantage of the fallout.

Metrics don't truly quantify information risk

Mike Rothman, Contributor — Tue, 16 Sep 2008 12:57:49 EDT

Mike Rothman explains his point of view on why metrics programs need to evolve from trying to truly quantify information risk to something that actually works.

Partner data privacy: Issuing stricter guidelines

Carolyn E. Gibney — Tue, 02 Sep 2008 14:17:31 EDT

When working with third parties, data privacy is paramount. In this tip, Dick Mackey explains how financial firms are facing pressure from partners about data privacy and what they can do about it.

Outsourcing compliance strategies

Michael Rasmussen, Contributor — Tue, 12 Aug 2008 15:58:02 EDT

The strain that compliance efforts can put on resources at financial services has led to an increase in compliance outsourcing. Expert Michael Rasmussen lays out strategies financial firms should (and shouldn't) do when outsourcing their compliance-related efforts.