BankNews Cover

Cybersecurity - Page 2

Updating Incident Response Plans

By Jim Baird
Incident Response Plans (IRP) have been expected by banking regulators for years. But with the ever-increasing threats of cybercrime, malware, breaches, ransomware and other cyber threats, the expectations have morphed into having a far more robust, comprehensive, cyber-ready and tested IRP. Further, the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool devotes an entire domain to the topic (Domain 5: Cyber Incident Management and Resilience).


Select Your Technology Vendors . . . Carefully

By Charles Cheatham

Today, bankers have more technology and more technology vendors providing services and support to their banks than ever before. Using third-party vendors can allow banks to reduce risk, control costs and focus more efficiently on achieving strategic goals.


How Cybersecurity Affects Board Dynamics

By Stephanie Chaumont

As a security consultant, I have spent time talking with management and members of the boards of directors at several institutions. And I can tell you that they run the gamut of security-mindedness and technology knowledge. I have met directors who want to know what’s going on in the IT department and are well-versed in information security and cybersecurity threats; there are others who want nothing to do with anything IT-related. But board members now have an excellent resource to improve their knowledge: Overview for Chief Executive Officers and Boards of Directors, released last year with the Federal Financial Institution Examination Council’s Cybersecurity Assessment Tool.


Cybersecurity and Compliance: What You Need to Know

By Tom Hinkel

Cybersecurity has become a topic of interest to every financial institution as regulators increase their focus on cyber risks and controls. Third-party relationships are often the weakest link in the cybersecurity chain, as a whopping 43 percent of companies had a data breach in 2014, according to Ponemon Institute. Subsequently, the release of both the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool and the updated FFIEC Management Examination Handbook has heightened awareness of cybersecurity for the financial industry and the importance of accurate cybersecurity assessments.


Cybersecurity Threats: Your New No. 1 Risk

By Robert Mendez

As a board member or a member of the bank’s executive team, understanding the levels of risk you’re accepting for your bank, your customers and for yourself is essential. CEOs and executives of non-banking firms, such as Target, have lost their jobs because they didn’t understand the cybersecurity risks their businesses were accepting. Bankers have additional concerns about financial risks and the penalties regulators may assess if cybersecurity risks are not being effectively managed by the board.


FDIC Publishes a Bank Customer’s Guide to Cybersecurity

March 9 – Consumers increasingly rely on computers and the Internet for everything from shopping and communicating to banking and bill paying. While the benefits of faster and more convenient “cyber” services are clear, the strategies for preventing online fraud and theft may not be as well-known by many bank customers. That is why the FDIC has produced a special edition of the agency’s quarterly FDIC Consumer News (Winter 2016) entitled “A Bank Customer’s Guide to Cybersecurity.”


CyberSecurity Experts Warn of Acecard Malware Targeting Android Banking Apps

Feb. 22 – The Kaspersky Lab Anti-malware Research Team has detected a dangerous Android banking Trojans capable of attacking users of nearly 50 different online financial applications and services. The Acecard malware is able to bypass Google Play store security measures.


Cybersecurity Experts Warn of Dridex Trojan Targeting Banking Customers

February 16 – Built to harvest the banking credentials of victims, the virulent Dridex Trojan is now one of the most dangerous pieces of financial malware in circulation, spread by massive spam campaigns that can overwhelm organizations hit by them. (more…)

Support Voiced for President’s Cybersecurity Initiative

February 12 – Several trade groups applauded President Barack Obama’s announcement of a Cybersecurity National Action Plan. (more…)

Free Cybersecurity Webinar

Mitigating Password Risk to Reduce Your Chances of a Data Breach

FEBRUARY 18, 2016 — 2 p.m. Eastern 1 p.m. Central 11 a.m. Pacific

CLICK HERE to register.

Passwords are the primary method of accessing financial networks and applications. They are also the primary way hackers gain unauthorized access to an organization’s data and systems.


Kryptronic Internet Software Solutions