Cybersecurity and Technology Blog

BE LEERY OF FREE SECURITY

Wednesday, October 21, 2015

For many people, the best part of mobile security software isn’t the fact that they are getting the best protection; it’s that they are getting the best price. After all, who doesn’t want free anti-virus protection? Nonetheless, the concept of “free” software can lead to many consequences.

Categories: Blog

WHO'S RESPONSIBLE FOR YOUR CUSTOMER DATA?

Friday, September 18, 2015

The FFIEC makes sure to remind us in multiple instances of guidance that it is ULTIMATELY the Board of Directors and Senior Management's responsibility to ensure the protection of YOUR customer data. Financial institutions must understand HOW their customers information is being protected.

Categories: Blog

CATO: BEWARE OF THE MAN IN THE EMAIL

Thursday, September 3, 2015

In 2015 California-based Ubiquiti Networks fell victim to a $46M CATO scheme using a simple, yet complicated attack from a familiar technology - email. Man-in-the-email scams highlight the importance of monitoring cybersecurity trends and continually updating your CA Risk Assessment process.

Categories: Blog

COLLEGE STUDENTS: A HACKER'S BFF (BEST FRIEND FOREVER)

Monday, August 17, 2015

School is back in session, and cybercriminals around the world are licking their chops. Hackers target college students through different avenues - Craigslist, Xbox, eBay… you name it, they are exploiting it.

Categories: Blog

WHAT YOU NEED TO KNOW ABOUT ANDROID STAGEFRIGHT

Thursday, August 6, 2015

On July 21st Mobile Security Firm Zimperium announced a vulnerability for Android. Potentially affecting nearly 1 billion Android devices, this is being referred to by some as the “Heartbleed of Android.” While this vulnerability is a huge risk, there are some simple things use...

Categories: In the News, Whitepapers

HEARD OF 1800?

Monday, August 3, 2015

Last time we had a new series for IT was in 1990, that's 25 years ago! In the past 30 days there has been significant activity around cybersecurity between NIST and FFIEC.

Categories: Blog, In the News

INTERPRETING YOUR FFIEC CAT RESULTS

Monday, July 27, 2015

Great questions this week from bankers on the Cybersecurity Assessment process and how to interpret the results. I wanted to provide some general feedback on how to interpret your Risk/Maturity Relationship.

Categories: Blog

IS THE FFIEC CYBERSECURITY ASSESSMENT TOOL REQUIRED?

Friday, July 17, 2015

The question that has been discussed in detail by examiners, bankers, and experts is this – “Is the FFIEC Cybersecurity Assessment Tool required?” I want to highlight a few clear facts that will hopefully help you decide, not necessarily is the tool required, but should I complete it today?

Categories: Blog

WHAT DO YOU NEED TO KNOW ABOUT THE FFIEC CYBERSECURITY ASSESSMENT TOOL?

Friday, July 3, 2015

As promised in their 2014 Cybersecurity Observations publication, the FFIEC has released new guidance in the form of a Cybersecurity Assessment Tool. As one would expect, it has a heavy focus on CEO and Board level involvement, as well as tying controls to other FFIEC and NIST resources in...

Categories: Blog, In the News

HOW WHITELISTING HELPS PREVENT AND DETECT CATO

Wednesday, June 17, 2015

Many financial institutions and business customers have experienced the type of electronic banking theft known as Corporate Account Takeover (CATO). With this type of compromise, thieves attack the customer’s computer system and use this access to fraudulently change the ACH origination file.

Categories: Blog