Show All

Jan 27, 2016 10:30:00 AM

Your Bank Needs a Secure Big Data Approach

Not long ago, Big Data was little more than a term bandied around by the technology, sales, and marketing communities. Today, this body of intelligence is used across virtually every sector, like banking, that integrates online and offline customer channels.

With continued exponential increases in data collection (50 times year over year), big data has become an accepted – and expected – part of a cohesive operational strategy. But it’s not without challenges. 

Continue reading >

Topics: Big Data, Data Security

Feb 11, 2015 11:13:00 AM

Security Tales from the Wrong Side of Teller Row

Picture it: you are at the next technology conference boasting about how you just spent your entire IT budget to buy the best security equipment on the market. You have earned the admiration of your peers. And then comes a call from the IT department. An employee has compromised your system by clicking on a malicious link in a phishing email, thinking it was a legitimate message from the helpdesk.
Social engineering is what happens when an individual uses manipulative tactics to have an employee bypass network security in order to access otherwise confidential information. This manipulation can take the form of a spam email, a phone call pretending to be an angry customer, or even someone walking through the front door impersonating a vendor.

Continue reading >

Topics: Data Security

Jan 28, 2015 10:34:00 AM

Four Ways to Reduce Bank Risk in a Consumer Data Breach

For the average consumer, a data breach most often looks something like this:

  • I use my card to make a purchase

  • Security measures are insufficient to protect my data

  • A hacker steals my records or card information

  • I report the theft to my bank

  • The bank sends a new card

  • I file a dispute with the bank for any charges that aren’t mine but still feel anxiety about using my card

In Q3 2014 alone, a scenario like this impacted 183 Million accounts, according to the Breach Level Index. In 2014, a record 783 big data breaches were tracked by the Identity Theft Resource Center. They hit almost every industry, with healthcare and retail/business leading the list. Big name corporations were affected – most notably, Target, Home Depot, JP Morgan Chase, Community Health Systems, New York, White Hotels and Neiman Marcus.

Continue reading >

Topics: Data, Data Security

Apr 2, 2014 10:30:00 AM

It’s 2AM, Do You Know Who’s On Your Network?

In light of the recent data breach at Target, IT risk buzz words are swirling the banking industry, and rightly so. The cost of a security breach can cripple any business and, certainly, a financial institution. 

The Target breach has cost banks at least $200 million related to card reissuance and increased customer service activity with impacted account holders. So far, there are approximately 80 lawsuits against Target by banks and consumers, in hopes of recovering losses.

You may be thinking to yourself, “Only the largest banks and card issuers have the same exposure to hacking or cybercrime as a retail giant such as Target.” While the largest companies have more PCs, network devices, and people (via social engineering) to hack, organizations of all sizes are vulnerable.

In fact, the root of the Target breach was traced to a 125 employee, privately held HVAC contractor doing business with Target. The contractor was connected to Target’s systems using an EDI-type interface for invoicing refrigeration services. Hackers compromised the HVAC contractor’s IT system and piggy backed into Target's network.

While you can’t control the security of cardholder data outside of your networks, financial institutions can significantly reduce the impact of a large scale breach by implementing a sound risk management program. Such a program incorporates active network security monitoring, vendor risk monitoring and incident response handling.

As a start to assessing your IT risk universe, financial institutions should answer the following three questions:

Continue reading >

Topics: Risk Assessment, Data Security