Regulatory Reality:

August, 2010


August 25, 2010  4:07 PM

Are you GLBA compliant and ready for year-end?



Posted by: David Schneier
Audit, business continuity, business continuity planning, compliance, FDIC, GLBA, NCUA, penetration test, penetration testing, regulatory, Regulatory Compliance, risk, risk assessment, Security, security awareness, social engineering, Vendor Management, vulnerability test

Summer at home officially ended this morning as my children returned to school.  Beyond the fact that I consider it cruel and inhuman punishment to resume academic activities before Labor Day, it also serves as a wake-up call that we're well past mid-year on the traditional calendar and eying the...

August 16, 2010  2:43 PM

Data security risks in the new age of banking



Posted by: David Schneier
Audit, bank, banking, cloud, cloud computing, credit union, FDIC, GLBA, merger, NCUA, NPPI, PII, regulatory, Regulatory Compliance, risk, risk assessment

Earlier this month, I blogged about my concerns regarding a drop-off in information security oversight by banking regulators. In this age of safety and soundness first, everything else is second, if at all.  It's more than a week later and I'm not feeling any better about things; as a matter of...


August 2, 2010  9:29 PM

Where’s the information security oversight?



Posted by: David Schneier
Audit, bank, banking, bcp, CISO, compliance, compliance officer, FDIC, FIL, GLBA, information security, regulatory, Regulatory Compliance, Security, vulnerability test

We were watching a baseball game the other night when one of Microsoft's recent IE8 security commercials aired.  It's the one where a fictitious bank is set up and people off the street, deceived by its appearance, wind up turning over boatloads of personally identifiable information (PII)...

