JHA_HeaderImage_Blog_v2.png

Security Risk Assessments – A Balance of Risk and Controls

Posted by Viviana Campanaro

Wed, Nov 06, 2019 @ 09:29 AM

Risk – the possibility that something undesirable will occur – is always around us. And we make decisions based around risk every day, from the moment we take our first step, ride our first bike, drive our first car, or buy our first home. These types of risks are usually common and easily understood. As such, we have health insurance in case we get sick or injured, wear helmets on our bikes, wear seatbelts in our cars, and install alarm systems in our homes, all to reduce the risks around us. We understand that we can choose to either accept, transfer, or avoid the risks.

The way we manage security risk within the financial industry is similar, and yet, we often have difficulty doing it efficiently. Risk assessments can make us groan and very seldom make us happy, mostly because there are different types of assessments used to manage different types of risk. We check the compliance box, but don’t always have a complete picture of the issues that could result in a significant breach at the FI. So, how do we bridge the gap between business and security risk?

Read More

Topics: Financial Institution, Cybersecurity, Risk/Fraud

Why Backup is a Critical Part of Your Cybersecurity Strategy

Posted by Eric Flick

Wed, Jun 05, 2019 @ 11:05 AM

It is often overlooked, but it is important to note that backup is a critical part of your cybersecurity strategy. What does backup have to do with your cybersecurity strategy? Backup is a back-office process. Cybersecurity is a frontline approach.

Although there are several frontline and defensive-minded approaches that are more critical than backup, backup is often overlooked. It’s an important part of your multi-layered approach to cyber readiness.

Read More

Topics: Cybersecurity, Community Banks, Data and Analytics

Saving Your Data Means Saving Your Customers

Posted by Eric Flick

Wed, May 01, 2019 @ 03:17 PM

I don’t know about you, but I can remember a time when there were only about a dozen holidays on the calendar. Now it seems like almost every day is National fill-in-the-blank Day.

Disaster Recovery (DR) and Business Continuity (BC) practitioners are up for fun as much as the next person, so not to be left out of this trend, there are a couple of related items you should put on the calendar for the next time they roll around.

Read More

Topics: Cybersecurity, Data Management, Business Continuity, Community Banks, User Centricity

The Team Approach to Cybersecurity

Posted by Jennifer Roland-Vlach

Wed, Jan 16, 2019 @ 11:00 AM

The FFIEC’s Cybersecurity Assessment Tool (CAT) is crucial for compliance, and the IT Regulatory Compliance group always likes to cover it. Since the 2015 release of the CAT, I have noticed a trend that I believe is worth sharing. I have spoken with financial institutions (FIs) that have recently experienced personnel changes – such as new Network Administrators or new Information Security Officers. I like to ask if the new contact knows that the CAT has been updated, and often the answer is no. Or, as is often the case with the shuffle of personnel, the new hire does not know where to even find the most recent CAT, much less know whether it has been updated.

Read More

Topics: Compliance, Cybersecurity

Mobile Wallets: Where are we Now?

Posted by Jennifer Geis

Wed, Jan 02, 2019 @ 11:00 AM

 

Big Hype Low Volume

The biggest names in Fintech, such as Google, Apple, and Samsung, have invested millions of dollars in mobile wallet technology. Big Banks like Citi, Bank of America, and Chase have followed suit. Yet if we look at the mobile wallet market today, usage has been meniscal, and adoption has been slow. After years of disappointing wallet growth, mobile wallet providers are desperate to make their investments pay off as even more competitors are entering the field fighting for market share. Which mobile wallets are ahead of the pack?

Read More

Topics: Credit Unions, Digital and Community Banking, Payments, Cybersecurity, Digital, Community Banks

Holiday Shopping Safety

Posted by Strategically Speaking

Wed, Nov 14, 2018 @ 11:00 AM

Naughty or nice! A perfect holiday line to summarize what cardholders, financial institutions, and merchants wonder about each credit and debit card transaction this time of year.

We know once fall arrives that the holiday season is close behind. Physical stores and online sites begin promotions and holiday décor early, well before Thanksgiving arrives. Consumers start shopping early. We move fast. Fraudsters count on that.

Read More

Topics: Financial Institution, Payments, Information Security, Cybersecurity

Become More #CyberAware about Current Threat Trends

Posted by Karen Crumbley

Mon, Oct 22, 2018 @ 11:00 AM

Cybersecurity attacks have become increasingly sophisticated and harder to detect. Cyber criminals are getting more creative in their methods to commit fraud by using a combination of technology along with social engineering to yield results. End users need to defend themselves by becoming knowledgeable on how these crimes are executed. Keeping up-to-date on current threats is an important step in safeguarding your information. Additionally, you can create awareness and educate other stakeholders by passing information along to increase your security and asset protection. Below is a list of trends that are occurring in the threat landscape.

Read More

Topics: Credit Unions, Cybersecurity, Community Banks

Top Employee Cybersecurity Training Pitfalls to Avoid

Posted by Karen Crumbley

Mon, Oct 15, 2018 @ 11:00 AM

A common approach for planning your employee cybersecurity awareness training is to forge ahead, complete it, and remove it from the checklist of “to do” items. Yet any Information Security Officer (ISO) will tell you that their goal for employee cybersecurity awareness training is to have a well-informed staff that is equipped to mitigate fraud.

Read More

Topics: Credit Unions, Cybersecurity, Community Banks, FI Operations

Data Encryption Overview - Is It Secret, Is It Safe?

Posted by Robert Hudecek

Wed, Sep 19, 2018 @ 11:00 AM

The New York State Department of Financial Services (DFS) cybersecurity requirements for financial services companies went into effect on Septembers 4 of this year. On the surface, it may look like these regulations only pertain to the state of New York – but in reality, they include any party who processes or is otherwise permitted access to Nonpublic Information of New York State origin. Simply put, if your financial institution does work for any New York resident, you may now be subject to this regulation.

Read More

Topics: Credit Unions, Compliance, Cybersecurity, Community Banks, Data and Analytics

A Fresh Take on Preparedness for the C-Suite and IT Managers

Posted by Eric Flick

Wed, Sep 12, 2018 @ 11:00 AM

 

September is National Preparedness Month. Historically, this month has been promoted to bring focus to readiness for natural disasters such as hurricanes, tornadoes, and flooding. As we head into the peak of the Atlantic hurricane season, wildfires and flash flooding have captured the headlines.

In today’s threat landscape, any financial institution (FI) likely has a higher probability of a cyber event than a naturally occurring disaster – so it’s no coincidence that October is National Cyber Security Awareness Month. As responsible C-Suite and IT representatives, we recognize our responsibility to our FI and our customers to be prepared for both!

Read More

Topics: Credit Unions, Financial Institution, Compliance, Cybersecurity, Community Banks, FI Operations

Subscribe to Email Updates

Recent Posts