Financial Services Cybersecurity Weekly Briefing 04-27-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

[VIDEO] NewsJacker 04-24-18
NewsJacker is back! Check out my recap on the latest cybersecurity news from my office in Bremerton. I cover how cryptocurrency mining has become organized crime’s preferred tactic over ransomware, the not-so-coincidental timing of the EU pipeline cyberattacks and Russian sanctions, the changing role of the CISO, and the biggest news… we are changing our name to CI Security. Be one of the first to know why.

 

SunTrust Employee May Have Stolen Information About 1.5 Million Clients
SunTrust Banks Inc. STI -0.28% said an employee may have stolen the information of about 1.5 million customers and provided it to a “criminal third party,” the latest example of a potential breach that underscores the vulnerability of consumers’ private data. The Atlanta-based bank on Friday said the employee, who no longer works at SunTrust, attempted to access client information, although it has “not identified significant fraudulent activity” around the accounts involved.

 

Mulvaney Response to CFPB Data Security Gaps Baffles Cyber Experts 
Mulvaney has said hundreds of CFPB-related data breaches justified his announcement in December that the agency would halt collecting personally identifiable information from companies it supervises. But industry experts say such a data freeze is unusual in the government, where security gaps are somewhat common. More unusual, they say, is that the CFPB apparently resumed data collection after only a few weeks, without investigating or remedying the cybersecurity problems that it identified.

 

SEC Imposes $35m Fine Over Yahoo Data Breach
He said there was “a complete corporate failure to disclose information about the data breach that was widely known and readily available in the company”. The SEC did not announce any charges against executives at Yahoo. Mr Peikin said the agency’s investigation was continuing and it had not made any decisions about the conduct of individuals.

 

Asset Managers Seek Cyber Insurance Amid Threat of GDPR Fines
“In the past this may have been trading platforms or information on investment strategies used for key clients,” said Rounds. “GDPR means the number one crown jewel for the asset management sector is now personal data, such as employment data or information held by sales and marketing.” With asset managers and custodian banks generating hundreds of millions of pounds in revenues each year, a data breach resulting from a cyber attack could have a significant impact on profits.

 

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.