Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Security not a tech issue but a biz issue
NEW YORK (11/14/08)--Security vulnerabilities often are not directly a technology issue, but a business issue, according to two IBM security executives. “There is no silver bullet, and the worst enemy is a lack of awareness,” said Phil McHugh, IBM ISS security executive, and Guy Denton, IBM ISS executive consultant, during a recent webinar that focused on security challenges faced by financial services providers. Risks can be data-driven, business-driven, or event-driven. Data-driven problems include viruses, worms, and disk failure. Business-driven problems include application outages, network problems and lack of governance. Event-driven problems stem from terrorism, natural disasters, power failures, fires or a pandemic, the webinar said. Increased collaboration among businesses also poses risks, McHugh said. Credit unions that want to guard against risks can undergo assessments. Vulnerability assessments provide penetration testing to see if vulnerabilities exist, and information security assessments comprehensively evaluate organizations’ information policies, procedures, controls and mechanisms. Five other initiatives that financial services providers are undergoing to prevent risks are:
* Access and identity management; * Security regulatory compliance; * Security training and awareness; * Governance for security, including frameworks; and * Disaster recovery and business continuity.
The webinar also noted security issues with Web 2.0, which is a catch-all term to describe sites that are more than static pages. The key enabler with Web 2.0 pages is the Asynchronous Javascript and XML--or AJAX. Traditional security approaches don’t work in Web 2.0, but credit unions can implement risk-based, enterprise-wide security programs to mitigate Web. 2.0’s applications with an integrated framework approach, McHugh and Denton said.
Other Resources

RSS





print
News Now LiveWire
#FinCEN seeks nominations of FIs, trade groups for membership on Bank Secrecy Act advisory group http://t.co/l5w58c277W
14 minutes ago
MI pediatric dentist pledges $20K match to Hurley Children's Hospital if it wins @CUDirect's 20 for 20 http://t.co/Eq2nIPm6jo
39 minutes ago
Kids learn budgeting with M&Ms http://t.co/SzXipTLX12
1 hours ago
Neb. #creditunions report widespread growth: 3Q review #NewsNow #system http://t.co/BavEljz15w
2 hours ago
Economic growth leaps in Nov, @ChicagoFed reports http://t.co/8Xo9lKLFf2
2 hours ago