RESOURCES

Innovative technology has revolutionized the way we work and live by unlocking a wealth of new capabilities. As artificial intelligence makes daily operations more efficient and flexible, people become increasingly reliant on the luxury of digital technology. Of course, businesses then competitively introduce the latest and greatest to meet the demands. With new technology and changed business operations comes exposure to new cyber risks, prompting companies to prioritize and invest in stronger cybersecurity measures.

The financial sector has seen a significant transformation due to digital technology. The industry has been pushed to be more dynamic to meet the demands of customers, regulatory requirements, and security threats, and remain competitive while safeguarding customer data and assets.

Business email compromise (BEC) is a type of cyberattack that usually occurs through some type of social engineering campaign where the criminals assume the identity of a trusted person or organization and attempt to influence their victims into providing money through transfers or other digital payments, divulging personal information, making phony purchases, providing credentials to accounts, etc

As peer-to-peer (P2P) digital payment platforms like Venmo and Paypal rapidly grew in popularity for their ability to provide easy, convenient money transfers, several major banks collaborated to create Zelle. The new transfer application promised to be “the next big thing” in banking, yielding near-instantaneous transfers directly between banks. Unfortunately, with new digital technology comes increased risk.

A small business owner recently fell victim to a sophisticated bank scam that drained her life savings, where scammers exploited two-factor authentication to gain access and withdraw money from her account. This cautionary story serves as a warning about the increasing prevalence of fraud and emphasizes the significance of using effective fraud detection systems.

NCUA Cyber Incident Notifications Requirement goes into effect September 1, 2023.  The final rule requires that covered institutions notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.

In the Redefining Cybersecurity: Bridging the Communication Gap blog, we discussed resources and tools that can help open a dialogue with decision-makers. One of the resources is a Buyer’s Guide which was created by DefenseStorm as a vendor-neutral tool to help financial institutions (FIs) efficiently shop around for new solutions.

An effective cyber risk management strategy requires everyone within the FI to work together with a unified goal for budget allocation and solution implementation.

Military, law enforcement, and first responders train constantly to be prepared for anything that they may face during their careers, so when those particular situations arise, they are confident, efficient, and knowledgeable about how to deal with and resolve the incident.  Incident response in cybersecurity is no different.

With a deeper understanding of this shift in ideology from reactive to proactive solutions, the question arises about your financial institution’s (FI’s) level of cyber risk readiness.

In this series, Redefining Cybersecurity, we will walk your FI through the process of evaluating your current state of cyber risk readiness so you can employ more efficient solutions to stay threat ready and compliant.

By following a well-established response plan, organizations can help ensure the confidentiality and integrity of their systems and data.

With a resolute effort to unite against the threat of cyber fraud, Fraud Fusion Centers are being embraced across all industries to effectively combat cyber fraud.

As artificial intelligence (AI) technology enriches various aspects of our lives, a critical question remains regarding whether its capabilities and implications will drive cybersecurity toward success or serve as a catalyst for its downfall.

GRID Active Threat Surveillance now includes an Incident Similarity feature which leverages machine learning to enhance incident management.

Navigating the complex world of financial regulations and data retention just got easier with DefenseStorm’s latest innovation.

DefenseStorm offers a proactive approach to cyber risk management so financial institutions can stop cyberthreats before they become destructive cyberattacks, allowing them to better protect their account holder and communities.

Within our DefenseStorm Governance Program, our clients can systematically collect evidence from across the platform to document adherence to frameworks and self-assessments.

If you’ve ever been involved with a risk assessment, you know just how painful it can be. Learn how you can reframe how you think about risk assessments and consider some new, fresh approaches.

The older and hopefully wiser I get, the more I find myself both grateful and amazed to get paid to do the work I love.

In part one of this blog post, we gave you an in-depth look into the new Computer Security Incident Notification Rule. This is the rest of the story…

The OCC, Board, and FDIC released the final rule, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers, on Nov. 23, 2021, which goes into effect April 1, 2022, and requires mandatory compliance on May 1, 2022.

Open dialog and idea sharing are how we build a community of trust at DefenseStorm, and everyone plays a role in that – speak up and encourage others to do the same!

It’s a matter of supply and demand. As in, the supply of cybersecurity professionals in the United States – and actually worldwide – is much lower than demand calls for.

We owe our information security teams the same kind of focused support the NFL provides to their officials, coaches and teams. The job is challenging. The stakes are high. And they “only need to be wrong once.”

If you have good data, if you’re monitoring your ML, and if you pair it with great people, then you’re much better off in protecting your institution as cyberthreats continue to involve.

Artificial intelligence and machine learning are terms that are used so frequently these days, it’s not clear what they even mean anymore, what’s real, and what’s not… and this is coming from someone who’s worked in the space for quite some time.

The Biden administration has issued one of the most wide-reaching orders mandating that most federal agencies must patch hundreds of cybersecurity vulnerabilities considered major risks for damaging intrusions into government computer systems. What does this mean for your financial institution?