DEFENSESTORM

RESOURCES

Thought leadership and customer testimonials are some of the many ways we build a community of trust. These resources highlight our recent research and success stories.

DefenseStorm
Election Scams

Insights

Election Scams

With election season beginning to ramp up, it’s important to be aware and prepared for the barrage of phishing, smishing, vishing, and other “ishing” scams and campaigns that are sure to follow. Just this weekend, I received multiple texts related to voting and polling, so let’s explore a few of the common scams and tactics that bad actors will try to leverage to obtain your personal information.

The Rise of Banking Trojans in Rogue Mobile Apps

Insights

The Rise of Banking Trojans in Rogue Mobile Apps

Banking trojans continue to evolve and succeed due to their ability to persist, bypass security, and evade detection on mobile devices. As investment from fast-moving threat actors continues to increase, traditional security practices are unable to keep up.

New GRID Active Governance Program and Reporting Functionality – Linking Dashboards to Task Schedules

Insights

New GRID Active Governance Program and Reporting Functionality – Linking Dashboards to Task Schedules

DefenseStorm has recently updated its GRID Active Governance Program with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution.  Organizations now can link dashboards to task schedules for scheduling and documenting report reviews.

New GRID Active Risk Assessment Functionality – Exception Tracking and Reporting

Insights

New GRID Active Risk Assessment Functionality – Exception Tracking and Reporting

DefenseStorm has recently updated its GRID Active Risk Assessment with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution with GRID Active Risk Assessment Exceptions.

PSA:  Apple’s Name Drop Feature

Insights

PSA: Apple’s Name Drop Feature

Apple just rolled out a new default feature for iPhone and Apple watch that allows nearby users to share contact information with one another.  This feature has sparked some concern in online social communities and even prompted law enforcement agencies to release statements and privacy warnings over the last few days due to the concern that people could “drop” information on another user’s phone at random, which seems scary.

CISO on Cyber Risk: Embracing Accountability and Transparency in the Wake of the SolarWinds Lawsuit

Insights

CISO on Cyber Risk: Embracing Accountability and Transparency in the Wake of the SolarWinds Lawsuit

Insights from the desk of Chief Information Security Officer, William Wetherill

The Importance of Asset Management

Insights

The Importance of Asset Management

Cybersecurity is a critical concern for any organization, regardless of its size or industry; however, for financial institutions (FIs), it’s vital due to the sensitive data and valuable assets they are entrusted to safeguard. While there are many aspects to consider in building a robust cybersecurity program, one crucial component is effective asset management.

DefenseStorm releases User Behavior Analytics (UBA) model in GRID Active Fraud Detection

Insights

DefenseStorm releases User Behavior Analytics (UBA) model in GRID Active Fraud Detection

Powered by machine learning to help better proactively detect fraud, financial institutions can monitor suspicious non-monetary activities for individuals to complement rules-based approaches and detect fraudulent activities.

SIM Swapping

Insights

SIM Swapping

If you stay up to date with cybersecurity news and events, you are likely bombarded with technical analysis of the latest ransomware, malware, dropper, trojan, or vulnerability that was exploited by bypassing controls and using “living off the land” techniques.  While these tactics, techniques, and analyses are incredibly important and useful, we can often forget that it’s sometimes the simple, age-old ways of getting your information and property that can also harm us.
That’s where SIM swapping comes in. 

GRID Active Fraud Detection:  Alert Enhancements

Insights

GRID Active Fraud Detection: Alert Enhancements

As fraud detection and prevention continue to be crucial in today’s digital landscape, it’s imperative for fraud investigators to utilize efficient tools that empower and support their investigative work.  The current Trigger and Alert views have been strategically modified to enhance the service provided to fraud investigators where they can now see relevant information that is intuitive to their role.

AI and its Impact on Cybersecurity Part 3: The DefenseStorm Approach

Insights

AI and its Impact on Cybersecurity Part 3: The DefenseStorm Approach

In our final entry into our series, AI and its Impact on Cybersecurity, we will explore how DefenseStorm utilizes AI in our own built-for-banking technology.

The Human Firewall: Strengthening the Weakest Link in Cybersecurity

Insights

The Human Firewall: Strengthening the Weakest Link in Cybersecurity

Innovative technology has revolutionized the way we work and live by unlocking a wealth of new capabilities. As artificial intelligence makes daily operations more efficient and flexible, people become increasingly reliant on the luxury of digital technology. Of course, businesses then competitively introduce the latest and greatest to meet the demands. With new technology and changed business operations comes exposure to new cyber risks, prompting companies to prioritize and invest in stronger cybersecurity measures.

AI and its Impact on Cybersecurity Part 2:  The Role of AI in Financial Services

Insights

AI and its Impact on Cybersecurity Part 2: The Role of AI in Financial Services

The financial sector has seen a significant transformation due to digital technology. The industry has been pushed to be more dynamic to meet the demands of customers, regulatory requirements, and security threats, and remain competitive while safeguarding customer data and assets.

Understanding Business Email Compromise

Insights

Understanding Business Email Compromise

Business email compromise (BEC) is a type of cyberattack that usually occurs through some type of social engineering campaign where the criminals assume the identity of a trusted person or organization and attempt to influence their victims into providing money through transfers or other digital payments, divulging personal information, making phony purchases, providing credentials to accounts, etc

 

Redefining Cybersecurity Part 5: Cyber Risk Awareness

Insights

Redefining Cybersecurity Part 5: Cyber Risk Awareness

The previous posts in this series have covered topics like shifting from cybersecurity to proactive cyber risk management, reinforcing cyber risk readiness, bridging communication gaps, and harnessing the power of a buyer’s guide to build a robust cyber risk management solution. While these are integral to designing an efficient cyber risk management program, the final and crucial piece of the puzzle is cyber risk awareness. If your employees lack awareness of the constantly evolving threats to your financial institution (FI), they become a significant liability to your security, despite your adherence to the latest recommendations and employment of state-of-the-art technology.

AI and its Impact on Cybersecurity Part 1: Role of AI in Cybersecurity

Insights

AI and its Impact on Cybersecurity Part 1: Role of AI in Cybersecurity

The role of artificial intelligence (AI) has had an unprecedented impact on cybersecurity. AI is transforming daily business practices and enhancing the customer experience for most industries, but it is imperative to effectively balance technological advancement with close oversight while these technologies are rolled out.

NCUA Cyber Incident Notification Requirements

Insights

NCUA Cyber Incident Notification Requirements

NCUA Cyber Incident Notifications Requirement goes into effect September 1, 2023.  The final rule requires that covered institutions notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.

Redefining Cybersecurity Part 4: The Power of a Buyer’s Guide

Insights

Redefining Cybersecurity Part 4: The Power of a Buyer’s Guide

In the Redefining Cybersecurity: Bridging the Communication Gap blog, we discussed resources and tools that can help open a dialogue with decision-makers. One of the resources is a Buyer’s Guide which was created by DefenseStorm as a vendor-neutral tool to help financial institutions (FIs) efficiently shop around for new solutions.

Redefining Cybersecurity Part 3:  Bridging the Communication Gap

Insights

Redefining Cybersecurity Part 3: Bridging the Communication Gap

An effective cyber risk management strategy requires everyone within the FI to work together with a unified goal for budget allocation and solution implementation.

You Play Like You Practice: Preparedness for Cyber Incidents

Insights

You Play Like You Practice: Preparedness for Cyber Incidents

Military, law enforcement, and first responders train constantly to be prepared for anything that they may face during their careers, so when those particular situations arise, they are confident, efficient, and knowledgeable about how to deal with and resolve the incident.  Incident response in cybersecurity is no different.

Redefining Cybersecurity Part 2: Cyber Risk Readiness

Insights

Redefining Cybersecurity Part 2: Cyber Risk Readiness

With a deeper understanding of this shift in ideology from reactive to proactive solutions, the question arises about your financial institution’s (FI’s) level of cyber risk readiness.

Redefining Cybersecurity Part 1: Cyber Risk Management

Insights

Redefining Cybersecurity Part 1: Cyber Risk Management

In this series, Redefining Cybersecurity, we will walk your FI through the process of evaluating your current state of cyber risk readiness so you can employ more efficient solutions to stay threat ready and compliant.

Tips for Handling Endpoint Attacks

Insights

Tips for Handling Endpoint Attacks

By following a well-established response plan, organizations can help ensure the confidentiality and integrity of their systems and data.

Fraud Fusion Centers: The NEW Way to Stop Cyber Fraud

Insights

Fraud Fusion Centers: The NEW Way to Stop Cyber Fraud

With a resolute effort to unite against the threat of cyber fraud, Fraud Fusion Centers are being embraced across all industries to effectively combat cyber fraud.

Future of AI in Cybersecurity: The Power of Partnership

Insights

Future of AI in Cybersecurity: The Power of Partnership

As artificial intelligence (AI) technology enriches various aspects of our lives, a critical question remains regarding whether its capabilities and implications will drive cybersecurity toward success or serve as a catalyst for its downfall.

Enhanced Incident Monitoring: From a Limited to Comprehensive View

Insights

Enhanced Incident Monitoring: From a Limited to Comprehensive View

GRID Active Threat Surveillance now includes an Incident Similarity feature which leverages machine learning to enhance incident management.

GRID Active Self Service Restores

Insights

GRID Active Self Service Restores

Navigating the complex world of financial regulations and data retention just got easier with DefenseStorm’s latest innovation.

GRID Active Risk Assessment Quantitative Scoring Model

Insights

GRID Active Risk Assessment Quantitative Scoring Model

DefenseStorm offers a proactive approach to cyber risk management so financial institutions can stop cyberthreats before they become destructive cyberattacks, allowing them to better protect their account holder and communities.

Four New Frameworks in GRID Active Governance Program

Insights

Four New Frameworks in GRID Active Governance Program

Within our DefenseStorm Governance Program, our clients can systematically collect evidence from across the platform to document adherence to frameworks and self-assessments.

Is It Possible to Take the Pain Out of Cyber Risk Assessments?

Insights

Is It Possible to Take the Pain Out of Cyber Risk Assessments?

If you’ve ever been involved with a risk assessment, you know just how painful it can be. Learn how you can reframe how you think about risk assessments and consider some new, fresh approaches.