DEFENSESTORM
Thought leadership and customer testimonials are some of the many ways we build a community of trust. These resources highlight our recent research and success stories.
Insights
Innovative technology has revolutionized the way we work and live by unlocking a wealth of new capabilities. As artificial intelligence makes daily operations more efficient and flexible, people become increasingly reliant on the luxury of digital technology. Of course, businesses then competitively introduce the latest and greatest to meet the demands. With new technology and changed business operations comes exposure to new cyber risks, prompting companies to prioritize and invest in stronger cybersecurity measures.
Insights
The financial sector has seen a significant transformation due to digital technology. The industry has been pushed to be more dynamic to meet the demands of customers, regulatory requirements, and security threats, and remain competitive while safeguarding customer data and assets.
Insights
Business email compromise (BEC) is a type of cyberattack that usually occurs through some type of social engineering campaign where the criminals assume the identity of a trusted person or organization and attempt to influence their victims into providing money through transfers or other digital payments, divulging personal information, making phony purchases, providing credentials to accounts, etc
Insights
As peer-to-peer (P2P) digital payment platforms like Venmo and Paypal rapidly grew in popularity for their ability to provide easy, convenient money transfers, several major banks collaborated to create Zelle. The new transfer application promised to be “the next big thing” in banking, yielding near-instantaneous transfers directly between banks. Unfortunately, with new digital technology comes increased risk.
Insights
The previous posts in this series have covered topics like shifting from cybersecurity to proactive cyber risk management, reinforcing cyber risk readiness, bridging communication gaps, and harnessing the power of a buyer’s guide to build a robust cyber risk management solution. While these are integral to designing an efficient cyber risk management program, the final and crucial piece of the puzzle is cyber risk awareness. If your employees lack awareness of the constantly evolving threats to your financial institution (FI), they become a significant liability to your security, despite your adherence to the latest recommendations and employment of state-of-the-art technology.
Insights
The role of artificial intelligence (AI) has had an unprecedented impact on cybersecurity. AI is transforming daily business practices and enhancing the customer experience for most industries, but it is imperative to effectively balance technological advancement with close oversight while these technologies are rolled out.
Insights
A small business owner recently fell victim to a sophisticated bank scam that drained her life savings, where scammers exploited two-factor authentication to gain access and withdraw money from her account. This cautionary story serves as a warning about the increasing prevalence of fraud and emphasizes the significance of using effective fraud detection systems.
Insights
NCUA Cyber Incident Notifications Requirement goes into effect September 1, 2023. The final rule requires that covered institutions notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.
Insights
In the Redefining Cybersecurity: Bridging the Communication Gap blog, we discussed resources and tools that can help open a dialogue with decision-makers. One of the resources is a Buyer’s Guide which was created by DefenseStorm as a vendor-neutral tool to help financial institutions (FIs) efficiently shop around for new solutions.
Insights
An effective cyber risk management strategy requires everyone within the FI to work together with a unified goal for budget allocation and solution implementation.
Insights
Military, law enforcement, and first responders train constantly to be prepared for anything that they may face during their careers, so when those particular situations arise, they are confident, efficient, and knowledgeable about how to deal with and resolve the incident. Incident response in cybersecurity is no different.
Insights
With a deeper understanding of this shift in ideology from reactive to proactive solutions, the question arises about your financial institution’s (FI’s) level of cyber risk readiness.
Insights
In this series, Redefining Cybersecurity, we will walk your FI through the process of evaluating your current state of cyber risk readiness so you can employ more efficient solutions to stay threat ready and compliant.
Insights
By following a well-established response plan, organizations can help ensure the confidentiality and integrity of their systems and data.
Insights
With a resolute effort to unite against the threat of cyber fraud, Fraud Fusion Centers are being embraced across all industries to effectively combat cyber fraud.
Insights
As artificial intelligence (AI) technology enriches various aspects of our lives, a critical question remains regarding whether its capabilities and implications will drive cybersecurity toward success or serve as a catalyst for its downfall.
Insights
GRID Active Threat Surveillance now includes an Incident Similarity feature which leverages machine learning to enhance incident management.
Insights
Navigating the complex world of financial regulations and data retention just got easier with DefenseStorm’s latest innovation.
Insights
DefenseStorm offers a proactive approach to cyber risk management so financial institutions can stop cyberthreats before they become destructive cyberattacks, allowing them to better protect their account holder and communities.
Insights
Within our DefenseStorm Governance Program, our clients can systematically collect evidence from across the platform to document adherence to frameworks and self-assessments.
Insights
If you’ve ever been involved with a risk assessment, you know just how painful it can be. Learn how you can reframe how you think about risk assessments and consider some new, fresh approaches.
Insights
The older and hopefully wiser I get, the more I find myself both grateful and amazed to get paid to do the work I love.
Insights
In part one of this blog post, we gave you an in-depth look into the new Computer Security Incident Notification Rule. This is the rest of the story…
Insights
The OCC, Board, and FDIC released the final rule, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers, on Nov. 23, 2021, which goes into effect April 1, 2022, and requires mandatory compliance on May 1, 2022.
Insights
Open dialog and idea sharing are how we build a community of trust at DefenseStorm, and everyone plays a role in that – speak up and encourage others to do the same!
Insights
It’s a matter of supply and demand. As in, the supply of cybersecurity professionals in the United States – and actually worldwide – is much lower than demand calls for.
Insights
We owe our information security teams the same kind of focused support the NFL provides to their officials, coaches and teams. The job is challenging. The stakes are high. And they “only need to be wrong once.”
Insights
If you have good data, if you’re monitoring your ML, and if you pair it with great people, then you’re much better off in protecting your institution as cyberthreats continue to involve.
Insights
Artificial intelligence and machine learning are terms that are used so frequently these days, it’s not clear what they even mean anymore, what’s real, and what’s not… and this is coming from someone who’s worked in the space for quite some time.
Insights
The Biden administration has issued one of the most wide-reaching orders mandating that most federal agencies must patch hundreds of cybersecurity vulnerabilities considered major risks for damaging intrusions into government computer systems. What does this mean for your financial institution?