Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Security not a tech issue but a biz issue
NEW YORK (11/14/08)--Security vulnerabilities often are not directly a technology issue, but a business issue, according to two IBM security executives. “There is no silver bullet, and the worst enemy is a lack of awareness,” said Phil McHugh, IBM ISS security executive, and Guy Denton, IBM ISS executive consultant, during a recent webinar that focused on security challenges faced by financial services providers. Risks can be data-driven, business-driven, or event-driven. Data-driven problems include viruses, worms, and disk failure. Business-driven problems include application outages, network problems and lack of governance. Event-driven problems stem from terrorism, natural disasters, power failures, fires or a pandemic, the webinar said. Increased collaboration among businesses also poses risks, McHugh said. Credit unions that want to guard against risks can undergo assessments. Vulnerability assessments provide penetration testing to see if vulnerabilities exist, and information security assessments comprehensively evaluate organizations’ information policies, procedures, controls and mechanisms. Five other initiatives that financial services providers are undergoing to prevent risks are:
* Access and identity management; * Security regulatory compliance; * Security training and awareness; * Governance for security, including frameworks; and * Disaster recovery and business continuity.
The webinar also noted security issues with Web 2.0, which is a catch-all term to describe sites that are more than static pages. The key enabler with Web 2.0 pages is the Asynchronous Javascript and XML--or AJAX. Traditional security approaches don’t work in Web 2.0, but credit unions can implement risk-based, enterprise-wide security programs to mitigate Web. 2.0’s applications with an integrated framework approach, McHugh and Denton said.
Other Resources

RSS





print
News Now LiveWire
Watching #SuperBowlXLIX this Sunday? Look for regional #creditunion #commercials @CltMetroCU @BECU @golden1cu #Seahawks #Patriots
14 hours ago
Philadelphia's American Bakery Workers FCU liquidated by @TheNCUA; @trumarkonline assumes shares
15 hours ago
More branch shutterings by @Citi: 4th-largest bank to close 10% of #Chicago area branches HT @CrainsChicago http://t.co/2vAvgucLY5
15 hours ago
56% struggle with subprime credit scores says @cfed survey HT @washingtonpost http://t.co/RHmMvuhNtw
16 hours ago
How to use social media for crisis communications Feb. 10 webinar from @SBAgov, @AgilityRecovery http://t.co/d16t8RHr7n
17 hours ago