While the news sensationalizes cyber threats from bad actors and nation states, the reality is that the largest threats to organizations are their own employees and contractors. Humans are vulnerable and prone to fall victim to schemes aimed at gaining access to company networks. For their part, the hackers are sly and cunning and know how to take advantage of the weak link. When organizations take the initiative to learn about common data breach scenarios, they can better prepare and protect themselves.Read more »
In today’s digital world, customer data is one of the most valuable currencies. Unfortunately, that makes it an incredibly attractive target for hackers, phishers, and other cyber criminals. In fact, an estimated 158,727 pieces of customer data are stolen every single hour.Read more »
What would happen to your brand trust if a personally owned device containing both personal and corporate data was lost or stolen?
Brand trust is paramount to the success and longevity of your business. While the creation of a separate interface for personal device traffic may seem inconvenient, it could prove to be one of the best security practices you implement.
Companies around the globe have identified the convenience of employees bringing their own device (BYOD) to work. In fact, 82% of companies allow the use of personal devices for work, but out of those companies, which support BYOD, 50% were breached through an employee’s personal device.Read more »
Weak Configuration: An Open Invitation for Cyber Exploitation
Technology devices don’t have a corner on weak configurations. System network configurations can be just as weak - especially when it comes to password protection. Weak configurations can be devastating to institutions holding large amounts of (sensitive) data such as financial services firms.Read more »
Whether you are a Principle or Partner, it should come as no surprise that the financial sector is the single most targeted industry when it comes to cyber attacks.
As mentioned in the Global Banking & Finance Review, "As data breaches are now an almost daily occurrence with both large enterprises and SMEs making headlines for compromises to intellectual property, the security of remote workers should be a high priority for any organisation. According to recent research from Apricorn, 48% of surveyed companies said employees are their biggest security risk, and one in ten companies with over 3,000 employees do not have a security strategy."
The SEC Brings Its First Enforcement Action under the Identity Theft Red Flags Rule
On September 26, 2018, the Securities and Exchange Commission (SEC) settled claims that Voya Financial Advisors, Inc. (VFA) failed to adequately protect customer information following a six-day cyber attack in 2016. The SEC’s order not only cites violations of the Safeguards Rule under Regulation S-P (a staple of SEC cyber security enforcement actions against broker-dealers and investment advisers), but also is the SEC’s first enforcement action for a violation of the Identity Theft Red Flags Rule under Regulation S-ID, which requires certain SEC registrants to create and implement programs to detect, prevent and mitigate identity theft. Click here for more details.
Financial institutions face 300% more cyber attacks that any other sector. The threat has gotten so far out of hand that numerous government agencies fear these cyber criminals are the biggest threat to bank stability. According to SEC Chair Mary Jo White, cyber attacks are such a grave concern that it overtakes terrorism in the Division of Intelligence’s list of global threats. There is one practice in particular that puts financial institutions at risk of a hack: Working Remote.
In the JP Morgan breach of 2014, 83 million customer records were compromised. That is 83 Million records stolen in just ONE breach. This incident is "the largest theft of customer data" and it all started with one employee working from home.Read more »