Financial Services Cybersecurity Weekly Briefing 05-04-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

GDPR — Another Y2K or Real Apocalypse?
If you’ve been in this business long enough, you will have lived through multiple Hype Cycles. They start with some vaguely defined problem that if not addressed will lead to the end of the world, or at least, you and your organization’s world. We’ve seen this before, and now we’re about to see another wave of hype from GDPR, the EU’s latest personal privacy regulation set to take effect on May 25, 2018. The world is holding its breath for that day, much like another hyped event we were holding our collective breath on New Year’s Eve in 1999 — Y2K. After our own thorough evaluation of the GDPR security requirements, we’ve compiled the essential information U.S. companies need to know.

Preparing Markets for Russian Financial Retaliation
Manipulating or disrupting international financial markets would be a risky move. Putin’s Russia has shown remarkable risk tolerance though, and could feel further emboldened by its ability until now to weather Western reaction—or lack thereof—to brazen moves such as murdering enemies in Britain or tilting the U.S. electoral field. Moreover, visibly standing up to Western pressure and wrong-footing the “main enemy” (aka, the United States) remains a key element of Putin’s popular appeal and elite support.

Mexican Banks Targeted in Cyber Attack
Three banks experienced “incidents” in recent days when operating the SPEI, Mexico’s interbank electronic transfer system, and will be connecting to the central bank’s network under “contingency schemes,” Banco de Mexico said in a statement Friday evening. That could cause delays in money transfers, according to the statement, which noted that the central bank’s SPEI infrastructure and client money haven’t been affected.

3 Ways to Maximize Security and Minimize Business Challenges 
[Every] network is bespoke – formed from accepted design patterns, business requirements, organic growth and designer preference. Consequently, it’s not feasible to choose security tools with the mindset of, “If I just had this network intrusion detection system (NIDS) and that user behavior analytics (UBA) tool, then I’d be secure for sure.” Why? Because it doesn’t address the unique challenges you need to solve to secure your unique network.

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.