Latest Tweets

Attend Wolf's 6/19 Investment Advisor roundtable to learn what you need to know about GIPS http://t.co/88ZoziH4r0

Barclays is the first bank to use voice authentication in call centers via @BankTechNews in this BTC http://t.co/5Ah8u2PfGA

Visit Wolf & hear Jerry Gagne discuss DDoS Attacks 1-2 at @NYbankers #TCRM13 http://t.co/mDTmavNUaX

  Follow us on Twitter

  Visit us on LinkedIn

  Like us on Facebook

Banking Technology Connections: October 2, 2012

October 2, 2012


On Wednesday, September 19, the Financial Services Information Sharing and Analysis Center (FS-ISAC) increased its threat level for cyber-attacks from "elevated" to "high." If that sentence doesn't intimidate you, then you probably read it wrong. The threat level was raised amid warnings of potential Distributed Denial of Service (DDoS) attacks against Financial Institutions after certain institutions, including Bank of America and J.P. Morgan Chase, reported web site outages. Additionally, there is also a newly identified critical vulnerability within Microsoft's Internet Explorer application which was just recently patched. The good news is that this should be an unnecessary warning, because if you've implemented effective controls and procedures, your institution should be in a good place to identify any attempted attacks, and prevent any major damage.

However, it's never a bad time to double check your procedures and review your environment to ensure that the individuals charged with information security within your institution (and there's a good chance that's you) are staying diligent and making sure that security controls are in place and that system activity is being monitored.  FS-ISAC is a partnership created to share information regarding threats, vulnerabilities, and events relevant to security of the financial services industry. The partnership is made up of public and private sector entities, including government agencies, commercial companies and academic sources.

Sources

http://www.bankinfosecurity.com/high-risk-what-alert-means-to-banks-a-5132

http://blogs.reuters.com/financial-regulatory-forum/2012/09/21/financial-cybercrime-a-national-security-threat-u-s-justice-department-official-warns/

http://www.washingtonpost.com/business/bank-security-group-warns-of-possible-attacks-on-bank-websites-raises-threat-level/2012/09/20/d9dd15b6-033b-11e2-9132-f2750cd65f97_story.html

http://www.fsisac.com/

One Tuesday each month we will feature comments from our professionals on topical issues. This month's contributor is Patrick S. King, CISA, a Supervisor in the IT Assurance Services group.  Please feel free to contact Patrick with any questions at pking@wolfandco.com.

Interesting Articles of the Week
Windows PCs and Macs at risk of another zero-day Java bug 
(via @mattputvinski)

FDIC has just created a new, third category of violations for banking exams
(via @complianceweek)

Citi Now Offering Paperless ATM Receipts
(via @CiscoFSI)

Phishing your employees? U.S. banks on high alert against cyberattacks
(via @mattputvinski)

Upcoming Events
10/15/12 (New York, NY)
ISACA NY: COBIT 5 - One Day Class!

10/15/12 (Chesterbrook, PA)
ISACA PA: 2012 Fall Training Conference

10/16/12 (Waltham, MA)
ISSA New England: Security Assessments on the Cheap

10/17/12 (Marlborough, MA)
Massachusetts Bankers Association: IT Audit Training 2012

10/17/12 (Boston, MA)
ISACA New England: Cybercrime and the Secret Service

10/25/12 (Mohegan Sun, CT)
WolfPAC User Conference

11/2/12 (Atlantic City, NJ)
NJ Bankers Association: BankHorizons

11/29/12 (Las Vegas)
WolfPAC User Conference

Questions? Interested in learning more about Wolf's IT Assurance and Security services?
Please contact Matthew J. Putvinski, CPA, CISA, CISSP, Member of the Firm and Director of IT Assurance and Security services, at (617) 428-5479 or mputvinski@wolfandco.com.  If you would like to subscribe to this newsletter and receive it via email please contact Sam Sexer at ssexer@wolfandco.com.

View more insights »


Your Contact

News view all