Biometric technology, and specifically its most modern iteration, facial recognition, has found its way into security systems essential to everyone. We rely on it to safeguard some of our most prized belongings, including our smartphones, laptops and now, with Apple Pay, even our bank accounts and credit cards. Security experts applaud facial recognition as one of the most secure and efficient means of authentication available today.
Why, then, has the industry that most hinges on security and identification – Banking, Financial Services and Insurance (BFSI) – been so slow to adopt this new wave of technology?
Rather than be caught off-guard and left to play catch-up, security and IT professionals should begin planning now for the many new and updated regulations, standards and proposed pieces of legislation that will be sweeping over the financial services industry and other sectors in the near future.
Comerica Incorporated announced that Juan Rodriguez has been named Executive Vice President, Chief Information Security Officer. Reporting to Executive Vice President and Chief Technology & Operations Services Officer Megan Crespi, Rodriguez oversees Comerica's enterprise-wide information security policy, strategy, architecture, operations and capability enhancements of the bank.
Sophos has published new research, “Gootloader Expands Its Payload Delivery Options,” that details how the delivery method for the six-year-old Gootkit financial malware has been developed into a complex and stealthy delivery system for a wide range of malware, including ransomware. Sophos researchers have named the platform, “Gootloader.” Gootloader is actively delivering malicious payloads through tightly targeted operations in the U.S., Germany and South Korea. Previous campaigns also targeted internet users in France.
ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. To deliver their malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.
Financial services firms are reportedly hit by security incidents 300 times more frequently than other businesses, according to the ID Theft Resource Center. To help financial planners protect their data and comply with the cybersecurity requirements established by the Securities and Exchange Commission (SEC) and FINRA, the Financial Planning Association (FPA) today launched Cybersecurity for Financial Planners: An FPA Certificate Program.
In new research from HelpSystems interviewing chief security officers in financial institutions about the security challenges they face, more than a third (35%) of survey respondents cite insider threats as one with the potential to cause the most damage in the next 12 months.
The Office of the Comptroller of the Currency (OCC) reported the key issues facing the federal banking system and the effects of the COVID-19 pandemic on the federal banking industry in its Semiannual Risk Perspective for Fall 2020.
A Russian national was sentenced to eight years in prison for his role in operating a sophisticated scheme to steal and traffic sensitive personal and financial information in the online criminal underground that resulted in an estimated loss of over $100 million.
Mandiant Threat Intelligence researchers have identified FIN11, a financially motivated hacking group behind bold, large and long-running malware campaigns. The hackers have expanded their range of targets over the past two years while using increasingly aggressive ransomware attacks.