Cybersecurity

Perspectives on third-party risk management

9/1/2021
As I wrote in my column last year, third-party risks continue to be one of a bank’s greatest risks. Properly addressing these risks as a part of your overall business strategy is challenging.

Zero trust model

8/1/2021
On May 12, 2021, President Biden issued an Executive Order to implement new policies aimed at strengthening the nation’s cybersecurity.

More regulations in cybersecurity?

7/1/2021
Regulations are nothing new to financial organizations. In fact, the consensus is whether it’s a traditional bank or a modern fintech startup, they are among the most heavily regulated businesses already — and have been for some time.

Cyber insurance premiums continue to climb

6/1/2021
The global insurance company, AXA, will no longer write policies in France that reimburse customers for extortion payments made to ransomware criminals. How much longer before the same applies in the U.S.?

Back to business

5/1/2021
As normal banking activities resume, list of concerns includes mandated vaccinations, special accommodations and paid leave

Cybersecurity in AI, including machine learning

5/1/2021
Recently, the Board of Governors of the Federal Reserve System, CFPB, FDIC, NCUA and OCC released a request for information and comment on financial institutions’ use of artificial intelligence and machine learning.

Vulnerabilities, patches & exploits, oh my

4/1/2021
I’m writing this column just days after the Microsoft Exchange vulnerability release, and I’m sure that by the time this is published, it will be much, much worse.

Stopping PPP Fraud

2/1/2021
The first rounds of PPP helped more than five million small businesses in the United States in the amount of $525 billion in funding, but not without a dark side to the program.

Cybersecurity for the Board of Directors

2/1/2021
Cyber threats are daunting. Not only are they complex and constantly evolving, but they also have the potential to impart significant financial and reputational damage to our financial institutions.

Year in review and what to expect in 2021

1/1/2021
Changes in technology have been revolutionizing business for a long time but recently this trend has been expedited due to the rapid increase in work-from-home as well as the adoption of technologies such as the cloud.

How can something so good be so bad?

12/1/2020
Social media has changed the ways we live our lives — from the way we get our news to the way we interact with our family, friends and peers. It’s everywhere, it’s unavoidable, it’s powerful and it’s here to stay.

Cybersecurity and politics

11/1/2020
Here we are almost to 2021. Do you feel any more cybersecure? Just this year, we’ve seen a 20% increase in cyber fraud and abuse and a startling 200% increase in business email compromises.

Information sharing and collaboration

10/1/2020
For the 17th year in a row, the National Cyber Security Alliance and CISA have announced October as Cybersecurity Awareness Month. This year’s theme is “Do Your Part. #BeCyberSmart.”

Red Alert

10/1/2020
During the COVID-19 pandemic, it is critical that you and your institution’s employees exercise caution and remain nimble in your cyber defenses to prevent falling victim to one of the many attacks and scams.

Business email compromise is a growing trend

5/1/2020
Business email compromise is a sophisticated scam that targets both businesses and individuals that transact legitimate transfer of funds requests.

Incident response is continuous

3/1/2020
As companies get better at detecting cyber events and data breaches, most continue to struggle with the proper handling of these incidents.

‘The main thing is to keep the main thing the main thing’

2/1/2020
“The main thing is to keep the main thing the main thing,” written by famous business author, Stephen Covey, should especially ring true as we’ve entered into a new decade.

Strong cyber banks, stronger cyber communities

1/1/2020
A survey conducted by The Harris Poll found that an overwhelming majority of consumers (92%) have concerns about the security of their personal, confidential online data.

Third-party risk — Where do we start?

12/1/2019
Vendor risk management has become a crucial area of cybersecurity as banks move operations to the cloud and asset managers hire third parties to manage their technology.

ATM theft — Why steal the cookie when you can steal the cookie jar?

11/1/2019
The theft of ATMs is yet another crime that continues to plague our industry. This includes the rise of cyber threats to ATMs, such as skimming, shimming, cash-out and jackpotting, as well as the age-old technique of crash and grab the whole ATM.

Ike and cybersecurity leadership

10/1/2019
When most people think about cybersecurity, they think about technology. But the human element remains the most significant challenge we face when it comes to cyber vulnerabilities.

The battle against cybercrime

10/1/2019
Steps to improve cyber resiliency. Financial institutions with successful cyber risk management programs take a holistic approach to the policies, processes and people required.