Published By: CheckMarx
Published Date: Sep 12, 2019
Financial services organizations operate under a host of regulatory standards. This makes sense, as the assets and information managed by these firms are valuable, sensitive, and targeted by sophisticated cyber attackers daily.
Compounding these challenges is the large volume of personally identifiable information (PII) that financial organizations handle regularly. PII is subject to many compliance regulations, notably the General Data Protection Regulation (GDPR), which regulates not only the processing of personal data, including PII, relating to individuals in the EU, for also any organization that processes personal data of EU residents.
For US banking consumers, Section 5 (Unfair or Deceptive Acts or Practices) of the Federal Trade Commission Act and numerous state regulations enforce basic consumer protections, which financial organizations must also uphold.
Data breaches can carry very serious consequences, such as the revelation in February 2008 that that the Hannaford Brothers chain of supermarkets lost more than four million debit and credit card numbers to hackers. The bottom line is that organizations must implement Data Loss Prevention (DLP) systems to protect themselves against the growing array of threats they face from inadvertent and malicious data leaks from email, instant messaging and other systems.
In January of 2008, a random sample of online technical newsletter subscribers at midsize companies (100-5,000 employees) received an email invitation to participate in a survey about data protection solutions use at their organizations. The goal of the survey was to identify sources of and/or reasons for information security breaches, and to better understand how businesses are planning to protect themselves against data leaks. The following report presents top line results of the study.
Companies rely on knowledge assets, such as product formulas and customer databases. VPNs and network monitors can protect proprietary information from outsiders; but, they won't do much to prevent access by internal users. With the popularity of wireless networks, USB drives and other portable devices, it's all too easy for insiders to leak key data. This white paper explains how Trend Micro LeakProof 3.0 protects sensitive data at rest, in use, and in motion.
Encryption will help to protect data against unauthorized access by outsiders from lost or stolen devices such as laptops, thumb drives, and other removable media. But it does not protect against the insider threat-employees and contractors with authorized access to data who mistakenly or maliciously leak your most valuable assets.
Credit Union Times is the nation's leading independent source for breaking news and analysis for credit union leaders. For more than 20 years, Credit Union Times has set the standard for editorial excellence and ethical, straight-forward reporting.