Information security policies and procedures are the cornerstone of any information security program - and they are among the items that typically receive the greatest scrutiny from examiners and regulators. Cursory, disconnected or poorly communicated security policies will fail and likely drag down the overall...
Critics of the Heartland Payment Systems data breach have called for tougher encryption standards for financial institutions and their third-party service providers. Applications for encryption are all around us, from encrypting email traffic to board communications, remote access and mobile & Internet banking....
The Heartland Payment Systems data breach is on everyone's mind, and the case is now in the hands of the Federal Trade Commission (FTC) if it chooses to investigate. While the FTC will neither confirm nor deny a Heartland investigation, staff attorney Alain Sheer does offer his insight on:
How the FTC investigates...
Internal auditing has always been a key function within financial systems, and it becomes even more so when it comes to IT and information security.
In this exclusive interview, David Richards, President of the Institute of Internal Auditors (IIA), discusses:
The key differences between internal and IT...
An Insider's Guide to Banking Agencies' Examination Guidelines
The Identity Theft Red Flags Rule compliance deadline was Nov. 1. All banking institutions now must prepare for their first examinations on this important new regulation. Register for this webinar to learn from a senior Information security, compliance...
Interview with David Richards, President of the Institute of Internal Auditors
Internal auditing has always been a key function within financial systems, and it becomes even more so when it comes to IT and information security.
In this exclusive interview, David Richards, President of the Institute of Internal...
Banking regulators have turned up the heat on institutions to conduct better due diligence when selecting third-party service providers to manage sensitive data. But how does one determine if a vendor's security practices are truly up to snuff? Register for this webinar to learn through case studies and insights from...
Management of third-party service provider relationships has been a regulatory issue as far back as the FDIC's Bank Service Company Act. But recent, well-publicized security breaches of Heartland Payment Systems, TJX Companies and Hannaford Brothers have brought Vendor Management to the fore, and banking regulators...
Nearly every organization is required to have a Business Continuity Plan. Yet, planners often overlook issues related to resource allocation -- the "people, places and things" necessary for business continuity. Register for this webinar for case studies and insight on how to:
Identify and describe the components...
Just because you aren't directly offshoring any of your core systems or processes doesn't mean your third-party service provider isn't.
It's a given that most organizations outsource critical functions - particularly technology - as a means to reduce IT expense. Yet, even if organizations outsource these functions...
Forensics has become a hot topic for a variety of internal factors, including the importance of the Internet to everyday business and, with it, the rise of electronic fraud.
Externally, financial institutions especially feel regulatory heat in the form of FFIEC GLBA Notification Rule, SEC/NASD Rule 3010 and even he...
Federal regulations require many organizations to conduct independent testing of their computing and networking environment at regular intervals. Many organizations comply with this requirement by conducting penetration testing and vulnerability analyses. These tests offer a snapshot of an organization's security...
Understand why IT Audit is needed and what it will achieve
Gives attendees tools to use in preparing for IT Audit
Learn to identify, evaluate and improve IT Controls
Learn how to continuously collect and categorize information for year round availability
This workshop will expand on many of these areas and present practical and proven approaches many institutions have adopted in order to comply with Section 501(b) of GLBA and Section 216 of Fair and Accurate Credit Transaction Act. In the course of this workshop, we will provide detailed "best practices"...
Examination of IT risk assessments and how they are vital to financial institutions
A look at why IT risk assessments are important to your organization
How an IT risk assessment is performed
Sample assessment matrix included