5 Keys for Data Breach Prevention

In 2015, the banking, credit and financial industries have reported more than 40 data breaches that exposed more than 400,000 records. The breached entities range in size from a 200-location independent mortgage company to global banks with high name recognition.

Data breaches don’t just happen to large banks. Community banks also fall prey to cyber-attacks and breaches. When a data breach occurs, it’s increasingly becoming a question of “when,” not “if,” are you prepared?

Read More

FFIEC Emphasizes Board Involvement in Cybersecurity

The Federal Financial Institutions Examination Council’s updated guidance for bank examiners emphasizes that executives and boards of directors must approve IT plans that contain strategies for addressing emerging and ongoing cyber threats.

Read More

FFIEC Issues Cyber-attack Extortion Alert

On Nov. 3, 2015, the Federal Financial Institutions Examination Council has issued an alert calling on financial institutions to take specific risk mitigation steps due to an increase in the frequency and severity of cyber-attacks involving extortion.

The FFIEC statement was prompted by recent reports of distributed denial-of-service attacks tied to extortion, such as those by the group known as DD4BC. Ransomware attacks have also been on the rise. The FFIEC is urging banks to take specific steps to mitigate these risks.

Read More

FBI Renews Warning About Phishing Scams

The FBI has recently issued a renewed warning about what it calls the Business Email Compromise, a scam being used against companies that use wire transfers for payments.

Just like many breaches, this scam usually starts with socially engineered phishing.

Read More

Email schemes still a threat. Do you have phishing protection?

A $46.7 million business email compromise scheme that targeted Ubiquiti Networks, Inc. shows just how little cybercriminals have to do to fool employees into unknowingly committing wire fraud.

Ubiquiti, a wireless networking technology provider, announced that it had been targeted by an email impersonation scheme that convinced employees in its finance department to fraudulently schedule wire transfers to overseas accounts.

Read More

FFIEC Guidelines Gives More Details on Cybersecurity Initiatives

New business continuity guidelines from the Federal Financial Institutions Examination Council give more details on the cybersecurity initiatives banks and credit unions will be asked to address during upcoming examinations.

These new guidelines are likely the result of the FFIEC’s cybersecurity assessment program that was piloted at 500 community institutions last summer.

Read More

FFIEC Releases Cybersecurity Assessment Tool

On June 30 the Federal Financial Institutions Examination Council released its Cybersecurity Assessment Tool. The tool is designed to help banks of all sizes assess identity risks and weaknesses in their cybersecurity preparedness programs.

Read More

Is Your Bank Ready for EMV?

With card-present fraud liability shift right around the corner in October, it’s important for everyone to understand how these changes affect them as well as the other changes that EMV brings to the financial world.

Largely this breaks down into two types of fraud that EMV is designed to mitigate: counterfeit cards and lost or stolen cards.

Read More

Cyber-attacks Targeting Community Banks

Cyber-attacks are targeting more than top-tier banks and Fortune 500 businesses. Increasingly, community banks and credit unions, as well as other small businesses, are more likely to be targeted by cyber-attacks because hackers believe small businesses present easier targets. One of the dangers that affect many smaller businesses is self-inflicted because in many cases community banks feel like they’re not large enough to be an enticing target to hackers and other cyber-criminals. It’s this type of thinking that poses one of the greatest threats to community banks and credit unions.

Read More