JHA_HeaderImage_Blog_v6

Top Spear Phishing Attacks & How to Reduce the Risk of Your Employees Taking the Bait

Posted by Karen Crumbley

Wed, Feb 26, 2020 @ 10:37 AM

This post was co-written by Karen Crumbley, Gladiator®, ProfitStars, and Keith Haskett, Rebyc Security. Karen has been providing Educational Risk Mitigation online training courses and encouraging community bankers to engage in conversations with their peer banks and vendors about how best to mitigate risks within their own institutions. She has also been a valued member of Jack Henry & Associates for thirteen years. Keith led the Risk and Information Security Consulting Services practice at CSI for several years, then co-founded Rebyc to deliver offensive security solutions customized to meet the needs of the highly-regulated, financial services industry.

Despite all of the strides made in the security industry to mitigate phishing scams, they continue to be one of the most successful forms of fraud. One of the primary reasons is due to the extensive efforts bad actors are making to research and observe their targets’ behavior. They monitor and research the users’ activity in order to craft sophisticated and convincing emails that even computer-savvy users struggle to identify, known as spear phishing attacks. Financial institutions (FIs) are faced with combatting phishing fraud through Information Security Awareness and Social Engineering Testing to keep employees up to date on the latest scams. The following list includes common types of spear phishing fraud targeting FI employees. You can share this information across your organization to boost ongoing education efforts.

Read More

Topics: Cybersecurity, Risk/Fraud

A Proven Approach for Enhancing Your Cyber Security and Business Continuity Testing

Posted by Tom Williams

Wed, Jan 29, 2020 @ 10:28 AM

Over the past several years, I’ve had the pleasure of working with many financial institutions (FIs) reviewing and testing both their Incident Response Plan (IRP) for Cyber Security and Business Continuity/Disaster Recovery Plans (BC/DRP). I am pleased to say that most FIs have plans in place to deal with unplanned outages, whether cyber or disaster related. However, the effectiveness of those plans to truly protect the FI and its customers is highly dependent on testing the plan at various levels.

One of the challenges of testing is keeping people involved and excited about the testing process. Getting them to show up for the tests, and more importantly, to follow up and modify their portion of the plan based on the test results.

Read More

Topics: Information Security, Cybersecurity, Risk/Fraud

Comparing Clouds: Is A Private Cloud Environment a Better Choice than Public for Hosting Your Infrastructure?

Posted by Sebastian Fazzino

Wed, Dec 04, 2019 @ 09:56 AM

Cyber threats are becoming increasingly sophisticated, complex and pervasive, leaving financial institution (FI) and consumer data more vulnerable than ever before. As risk proliferates, it is no longer a question of if an attack will happen, but rather when fraudsters will strike. FIs, as a result, are challenged to keep up with evolving cybersecurity initiatives, IT regulatory compliance demands, and critical disaster preparedness issues – all while staying within budget and focusing on other significant priorities, such as lending and deposit growth.

Read More

Topics: Financial Institution, Cybersecurity, Risk/Fraud

The Seven Deadly Sins of Credit Management

Posted by Patrick True

Fri, Nov 15, 2019 @ 08:30 AM

Most of us have heard of the seven deadly sins, but did you know there are also seven potentially damaging actions or inactions that can lead to credit loss? Lenders of all types should consider this list throughout every stage of the loan cycle and for all types of credit. These sins can show up at any time. While in some cases they are the primary cause of a credit loss, they are more likely what causes a loss to be greater than it otherwise would have been had the situation been handled differently. As you begin the new year, consider an open discussion with your consumer and commercial lending staff to ensure no one commits the seven deadly sins of credit management.

Read More

Topics: Commercial Lending, Risk/Fraud

Liquidity Concerns on the Horizon?

Posted by Brandon Baker

Wed, Nov 13, 2019 @ 10:01 AM

My seven year-old son wanted a really scary costume for Halloween this year. Naturally, I suggested one of the scariest things I could think of: a liquidity crisis! Can you imagine the terrified looks on the faces of the other children when they saw all the red numbers indicating that funding sources weren’t going to meet the funding needs? Oh, the horror!

Read More

Topics: Data Management, Risk/Fraud, Data and Analytics

Security Risk Assessments – A Balance of Risk and Controls

Posted by Viviana Campanaro

Wed, Nov 06, 2019 @ 09:29 AM

Risk – the possibility that something undesirable will occur – is always around us. And we make decisions based around risk every day, from the moment we take our first step, ride our first bike, drive our first car, or buy our first home. These types of risks are usually common and easily understood. As such, we have health insurance in case we get sick or injured, wear helmets on our bikes, wear seatbelts in our cars, and install alarm systems in our homes, all to reduce the risks around us. We understand that we can choose to either accept, transfer, or avoid the risks.

The way we manage security risk within the financial industry is similar, and yet, we often have difficulty doing it efficiently. Risk assessments can make us groan and very seldom make us happy, mostly because there are different types of assessments used to manage different types of risk. We check the compliance box, but don’t always have a complete picture of the issues that could result in a significant breach at the FI. So, how do we bridge the gap between business and security risk?

Read More

Topics: Financial Institution, Cybersecurity, Risk/Fraud

Fintechs and Risk Management

Posted by Craig Laures

Wed, Sep 18, 2019 @ 10:00 AM

Fintech providers play an important role in the financial services industry. Banks and credit unions rely heavily on fintechs to sustain compliant efficient operations, process payments and other data, protect information and deliver service to customers in a variety of ways. Partnerships with fintechs offer expertise you may not otherwise have the resources to acquire. Thus, the reward for engaging with trusted providers. On the other side of the reward equation is risk inherent with third-party relationships.

Read More

Topics: Fintech, Partnership, Community Banks, Risk/Fraud

Exploring the Natural Evolution of Commercial Lines of Credit

Posted by Paul McCulloch

Fri, Sep 06, 2019 @ 11:00 AM

The commercial line of credit is evolving, for two reasons. First, because it’s time. Second, because it can. The current expansion of the U.S. economy has now become the longest in our history. As we move further into the economic cycle and a period of slower growth, it will become necessary for financial institutions to more closely monitor the condition of their business clients as well as their primary sources of repayment. Fortunately, this is coming at a time when the evolution of financial technology and data analysis has opened the door to affordable and efficient methods of doing just that. This opportunity has begun to be realized as big data organizations start merging their technology with commercial loan monitoring systems.

Read More

Topics: Commercial Lending, Risk/Fraud, Data and Analytics

When It Comes to Resiliency, Can You Handle The Truth?

Posted by Eric Flick

Wed, Sep 04, 2019 @ 11:00 AM

I love movies. One of my favorites is A Few Good Men starring Jack Nicholson and Tom Cruise. In the movie’s climactic scene, Cruise, a military lawyer, demands the truth from Nicholson’s Col. Jessup character. In what has become one of Nicholson’s most famous movie lines, he intensely blurts out, “you can’t handle the truth!” In my 30+ years of working with technology, most of it around the financial services industry, I often find this statement bouncing around in the back of my mind as I’m talking with IT professionals.

Read More

Topics: Financial Institution, Information Security, Future Ready, Risk/Fraud

Data Analytics: What's the Hype About?

Posted by Jennifer Geis

Tue, Feb 05, 2019 @ 11:00 AM

 

There is no doubt that we live in a world full of data, and it’s multiplying at astounding rates. With the advent of the internet and our love affair with social media, the amount of data is increasing like never before. It is shocking if you stop to think about how much data is being created every minute of each day. From streaming videos, social media posts, online searches, emails and texts, to banking and payment transactions, the examples go on and on.

Read More

Topics: Data Management, Community Banks, FI Operations, Risk/Fraud, Data and Analytics

Subscribe to Email Updates

Recent Posts