The line forms on the left, as state banking associations representing banks from three New England states have filed a class action lawsuit against TJX Companies Inc., in response to the company’s credit and debit card breach in which more than 45 million cards may have been compromised. More banks are...
The revelation by TJX Companies, owner of T.J. Maxx and other retail brands, that at least 45.7 million credit and debit cards were compromised over several years highlights anew the risks associated with processing card transactions and the need to protect the information they contain.
The banking industry is one of the most highly regulated and closely supervised among those handling sensitive consumer information. Besides being subject to security breach disclosure laws at the state and federal levels, it must comply with industry-specific laws and regulations related to information security and...
The Gramm-Leach-Bliley Act may not appear to have anything to link it to the Voice over IP technology being implemented in financial institutions, but IT departments and information security officers should look closely at how the new phone systems may be audited under GLBA regulations. GLBA audits would focus more on...
At your institution you’re considered the person who has thought of every possible security angle, and when it comes to locking down the systems, networks and Internet-based offerings, you’re confident that you’ve met or exceeded everyone’s expectations for privacy and security. You’ve...
Financial institutions can expect increased scrutiny on information security policies in 2007 as regulators devise new oversight standards.
In December, the Public Company Accounting Oversight Board (PCAOB), which establishes rules for compliance with Sarbanes-Oxley, proposed a new standard for Sarbox section...
The Gramm-Leach-Bliley Act (GLBA) contains a rule, known as the Safeguard Rule, under which the Federal Trade Commission and other federal agencies have established standards for financial institutions relating to administrative, technical, and physical safeguards for customer information. The objectives are to ensure...
Exploitations that threaten security are on the rise. Every day, news stories document the rampant growth of attacks and exploits. The types of attacks vary - Denial of Service (DoS), buffer overflow, identity theft, session hijacking, website defacements, email viruses, worms, phishing scams, and the list goes on. ...
Who knows? Maybe two and three–factor authentication will become a thing of the past and five–factor authentication will take its place. The same issue with encryption has been encountered over the years. With this example in mind, does it make sense for law to be involved in the technological details?...
To the Board of Directors Federal Deposit Insurance Corporation:
We reviewed information systems general controls[Footnote 1] in connection with our calendar year 2001 financial statement audits of the Federal Deposit Insurance Corporation’s (FDIC) Bank Insurance Fund, Savings Association Insurance...
Omar Herrera, September 1st 2005. While we are not analyzing the ethical nature of a hacker, we must still consider a hacker to be a person who maintains a superior level of technical knowledge and abilities. Therefore, by definition we must then accept that there are hackers with good intentions (gurus) and hackers...