Financial Services Cybersecurity Weekly Briefing 05-18-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

12 Key Steps in Responding to a Data Breach
Every healthcare organization should have an incident response plan (IRP) in place before it experiences a breach of protected health information. The IRP is the roadmap for what to do in the event of a data breach—it contains the specific steps to take so the organization can quickly respond and then defend itself against any legal actions that might stem from lost or stolen data. In a new report, cloud security vendor ARMOR walks through the process of assembling an incident response team and the steps an IRP should contain to effectively respond to a breach.

Detecting Cloned Cards at the ATM, Register
Much of the fraud involving counterfeit credit, ATM debit and retail gift cards relies on the ability of thieves to use cheap, widely available hardware to encode stolen data onto any card’s magnetic stripe. But new research suggests retailers and ATM operators could reliably detect counterfeit cards using a simple technology that flags cards which appear to have been altered by such tools.

How to Ensure Third-party Security Audits Properly Assess Risk
Businesses have traditionally had to manage financial and operational third-party risks. But with the advent of cloud-driven models and platforms-as-a-business that are digitalized, connected, collaborative and data-driven, come new facets of risks. Exposure to more relationships, be they with customers, partners or suppliers, has introduced business continuity, data security, and regulatory and compliance risks. Amid rapidly evolving e-commerce and e-payment methods, online stores and digital businesses now gather, store and process large volumes of their customers’ personal data.

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.