BankInfoSecurity.com RSS Syndication

Wells Fargo Reveals Data Breach

Thousands of Consumer Records Compromised by Data Theft from Vendor
A Wells Fargo bank access code was used to steal the personal information of roughly 5,000 consumers, leading the bank to conduct a full-scale inquiry into the data breach.

Wells Fargo says it was notified on July 1 by MicroBilt, an online consumer and commercial credit bureau information provider, that someone had used a Wells Fargo access code to obtain data on 7,000 consumers from its computers.

Application Security Whitelisting: Keep the Bad Guys Out - Let the Good Guys In

Interview with Brent Rickles, SVP, First National Bank of Bosque County, on Securing Financial Data and Systems Through Application Whitelisting
"Whitelisting" is a new twist on information security. Instead of trying to find a software solution that keeps all of the potential bad guys out of your systems, whitelisting allows you to establish a protection layer that grants access to only your finite list of good guys - individuals or applications.

In this exclusive interview sponsored by Lumension Security, Brent Rickles, SVP of First National Bank of Bosque County, Texas, discusses:

What led him to a whitelisting security solution;

The quantifiable results he's seen since deploying the solution;

Reaction he's received from bank examiners since taking this approach.

Lessons Learned from TJX

Interview with Cyber Crime Expert Eric Fiterman
In the wake of the arrests of 11 hackers tied to the TJX data breach, security experts everywhere are warning of bigger, bolder threats to come.

So, what should banking institutions have learned from TJX-style breaches, and what can they do now to protect their customers and critical financial/informational assets?

In this interview, former FBI agent Eric Fiterman, founder of Methodvue, offers:

Insights on the TJX and other breach investigations;

How banking institutions can better protect their assets;

The types of crimes institutions need to look out for in the months ahead.

NIST- Guide for Security Authorization of Federal Information Systems: A Security Lifecycle Approach

NIST, in cooperation with the Office of the Director of National Intelligence (ODNI), the Department of Defense (DOD), and the Committee on National Security Systems (CNSS), announces the completion of an interagency project to develop a common process to authorize federal information systems for operation. The initial public draft of NIST Special Publication 800-37, Revision 1, Guide for Security Authorization of Federal Information Systems: A Security Lifecycle Approach, is now available for a six-week public comment period.

OCC Allows National Bank Offices Affected by Hurricane Fay to Close

The Office of the Comptroller of the Currency today issued a proclamation allowing national bank offices affected by Hurricane Fay to close at their discretion.

FRB - Request for comment on proposed change to Regulation S (Right to Financial Privacy)

The Federal Reserve Board on Wednesday requested public comment on a proposed change to Regulation S (Right to Financial Privacy), which sets the rates and conditions under which a government agency must reimburse a financial institution for costs incurred in producing customer financial records under the Right to Financial Privacy Act.

OTS Announces Webinar on Identity Theft Rules and Guidelines

The Office of Thrift and Supervision will hold a live 90-minute telephone briefing on Monday, August 11 from 2-3:30 p.m. to provide savings associations with valuable information about federal Identity Theft rules and guidelines that go into effect on November 1, 2008. Hear from compliance and information security experts at OTS and have an opportunity to ask questions and get answers.

Protecting the Exchange of Sensitive Customer Data with Your Vendors

For financial institutions, data security is both an operational and regulatory imperative. A bank or financial services provider that fails to protect a customer's financial data faces the threat of losing customers, tarnishing their reputation and eventually losing competitive advantage. There are some key questions you should think about when it comes to securing your customers' important financial data, including:

How does regulatory compliance, like GLBA, affect the way your data needs to be handled & audited?
Who has access to your sensitive files?
What would the impact be if these files, including sensitive customer data, were compromised?
Where and when is this data being sent?
Why would you let employees/partners share your files over insecure FTP, email or IM?

Questions still linger on how to meet compliance regulations that affect financial institutions, like GLBA, PCI, and SOX.

With increased government regulation and oversight in the form of mandates such as GLBA, PCI, etc., no organization that deals with financial information can afford to ignore the very real challenge of ensuring data security, integrity, and privacy.

Learn more about how your organization can meet these compliance challenges as it relates to financial data security as well as how to manage your partners to ensure that they are also following acceptable data sharing practices. And hear how other financial institutions are tackling these very important data security issues.

Application Security Whitelisting: Keep the Bad Guys Out - Let the Good Guys In

Interview with Brent Rickles, SVP, First National Bank of Bosque County, on Securing Financial Data and Systems Through Application Whitelisting

"Whitelisting" is a new twist on information security. Instead of trying to find a software solution that keeps all of the potential bad guys out of your systems, whitelisting allows you to establish a protection layer that grants access to only your finite list of good guys - individuals or applications.

In this exclusive interview sponsored by Lumension Security, Brent Rickles, SVP of First National Bank of Bosque County, Texas, discusses:

What led him to a whitelisting security solution;
The quantifiable results he's seen since deploying the solution;
Reaction he's received from bank examiners since taking this approach.

Lessons Learned from TJX

Interview with Cyber Crime Expert Eric Fiterman

In the wake of the arrests of 11 hackers tied to the TJX data breach, security experts everywhere are warning of bigger, bolder threats to come.

So, what should banking institutions have learned from TJX-style breaches, and what can they do now to protect their customers and critical financial/informational assets?

In this interview, former FBI agent Eric Fiterman, founder of Methodvue, offers:

Insights on the TJX and other breach investigations;

How banking institutions can better protect their assets;

The types of crimes institutions need to look out for in the months ahead.

Identity Theft Red Flags Rule Survey: Inside Look at the Surprising Findings

Interview with Tom Field, Editorial Director at Information Security Media Group

As Nov. 1 looms, Identity Theft Red Flags Rule compliance is an absolute must for financial institutions. Information Security Media Group recently surveyed 300 banking and credit union leaders to gauge their progress toward compliance. The results have proven intriguing, even surprising. In this interview, Information Security Media Group Editorial Director Tom Field provides:

Overview of the findings;

Analysis of what they mean;

Insight into challenges banking institutions face before and after Nov. 1.