Devesh Panchwagh, Delta-risk.net, March 24, 2017
There’s no doubt that bank data breaches cost businesses money, but there are costs associated with breaches that add up beyond a round dollar figure. Most studies that calculate the costs from breaches focus on short-term quantifiable costs such as discovering and mitigating the breach and recovering assets. But the long-term, indirect breach costs — costs such as hits to the stock price, brand reputation, and reduced customer loyalty — can be harder to quantify.
Joanna Belbey, Forbes.com, March 30, 2017
At a recent financial services event, leading cyber security experts explored how employees using social media can enable a cyber-attack at your firm. Greg Ruppert, Senior Vice President, Chief, Financial Crimes Investigations Group, Charles Schwab & Co., Inc. moderated a panel of Malcolm Palmore, Assistant Special Agent in Charge, Federal Bureau of Investigation, Patrick A. Westerhaus, Director, Cyber Crime Intelligent Unit of Enterprise Information Security, Wells Fargo & Company and Dan Nadir, VP of Product Management, Proofpoint to discuss the risks of social media and how fight back. (Contributor’s note: Dan Nadir is my colleague at Proofpoint.)
Dan Butcher, efinancialcareers.com, March 14, 2017
Banks are desperate to hire cyber security professionals and a shortage of talent means they’re looking outside of the financial services industry. Goldman Sachs turned to the White House for its new cyber security lead, while Morgan Stanley hired a counter-terrorism expert and BNP Paribas recruited from consulting.
Brian Krebs, Krebsonsecurity.com, March 16, 2017
For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath the search results for the Web site of a victimized merchant.
Mathew J. Schwartz, Bankinfosecurity.com, March 6, 2017
Indeed, the Crypt0L0cker ransomware – originally tied to the Gameover Zeus gang – has returned, researchers warn, and in some cases is digitally signed to make it appear legitimate. And various attack campaigns continue to spread other types of crypto-locking ransomware, for example fling Cerber and Sage Locker via emails sent from short-lived domain names.
Elena Prokopets, Tech.co, March 1, 2017
If there ever was a tech revolution that is impacting every corner of the world, it is fintech. Traditional financial institutions are being forced to re-think their products and services. Previously unbanked individuals are now getting banked through mobile providers. Personal finance management is largely shifting online – you can get insured, invest in stocks or pay your bills through an app.
Kieren McCarthy, Theregister.co.uk, February 22, 2017
The Dutch banking industry is doing a terrible job of online security, according to the company that runs the country’s .nl internet domains. In a new report published Tuesday, the internet registry SIDN was surprised to find that just six per cent of banks using .nl internet addresses have the security protocol DNSSEC in place to protect their digital assets and their customers.
David Bisson, Grahamcluley.com, February 24, 2017
A new Android banking trojan poses as a legitimate weather forecast app in an effort to steal users’ banking credentials.
Brian Krebs, Krebsonsecurity.com, February 26, 2017
This blog has featured several stories about “overlay” card and PIN skimmers made to be placed atop Ingenico-brand card readers at store self-checkout lanes. I’m revisiting the topic again because a security technician at a U.S.-based retailer recently shared a few photos of several of these devices pulled from compromised card terminals, and the images and his story offer a fair bit more detail than in previous articles.
Algirde Pipikaite, Thehill.com, March 29, 2017
U.S. financial service companies are among the favorite targets of hackers and cyber thieves. An effective attack may result in millions of dollars in gains. One successfully-executed cyberattack might bring wealth that lasts a lifetime.
Justin Samanski-Langille, Business.financialpost.com, March 8, 2017
Last week, New York State’s new cyber security requirements for financial institutions came into full effect, including mandatory minimum standards for protecting customer data for firms that fall under the state financial watchdog’s purview. But it isn’t just Wall Street giants who are being affected.