Bank Sepah, one of Iran's oldest and most strategically essential banks, suffered major outages across its ATMs and online services on June 17th. The alerts urge CISOs to elevate monitoring and reinforce incident response protocols in light of heightened geopolitical risk. This is not just a Middle East issue.
As geopolitical instability, supply chain disruption, and cyber threats continue to escalate, third-party risk management (TPRM) is evolving from a compliance function to a strategic business imperative. According to the EY survey, 87% of organizations have experienced a third-party risk incident in the past three years.
Whether you’re a bank, a mining company, or an airline, this is a soft, underlying hygiene problem, says Tim Eades, CEO of Anetac. Eades explained how Anetac’s founding team interviewed dozens of CISOs before launching a platform purpose-built to tackle this blind spot. On-premise was ugly and hard. The cloud is just a mess.
banks and financial firms are being targeted by scammers using deepfake videos, AI-generated voices, and advanced chatbots to deceive employees and customers. security leaders and bank executives, defending against this high-tech impostor has become a top priority in 2025. In 2025, U.S. In 2025, numerous U.S.
The cybersecurity regulations apply to entities overseen by the NYDFS, such as financial institutions, insurance companies, agents, and brokers, as well as banks, trusts, mortgage lenders and brokers, money transmitters, check cashers, and other related businesses.
A healthcare CISO I mentored was frustrated by apparent lack of support for a medical device security program. This response acknowledges their point while introducing compelling evidence of the evolving risk. I worked with a bank CISO who was struggling to get approval for a cloud security program.
CISO and Operation Managers are increasingly attentive to the security and efficiency returns of frictionless onboarding and authentication for professionals working in dynamic, multi-user environments. Enhanced privacy and security : eliminate the need to store personal information, reducing risk and meeting global privacy standards.
And get the latest on exposure response strategies and on CISO compensation and job satisfaction. Embrace change: Stay attuned to emerging cyber risks and be ready to modify cybersecurity processes accordingly. million-plus annually, CISOs at large enterprises are making bank, but, ironically, job dissatisfaction among them is high.
Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forum’s Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The report ranks risks by severity over two-year and 10-year timeframes.
Enacted in 2017, this regulation is all about minimizing risk in the financial services sector, which, let’s face it, is prime real estate for cybercriminals. The program should be tailored to your specific business risks. Insight: Many businesses make the mistake of copying templates without understanding their unique risks.
Here is a quick summary of the most relevant regulations: Gramm-Leach-Bliley Act (GLBA) The GLBA mandates that a broad range of financial institutions based or operating in the United States, from banks and brokerage firms to payday and tax preparers, protect consumers’ personal financial information.
A recovering CISO, with more than 30 years' experience of both cybersecurity leadership and client consulting mostly in healthcare, Richard has lived in more than 30 countries and delivered innovative solutions to organizations in all of them.
Critical infrastructure is at risk, more so thanks to AI. Kip Boyle, vCISO, Cyber Risk Opportunities LLC: The Challenge of Cultivating Buy-in from Leadership and Employees "Cybersecurity professionals will continue to face a critical challenge: cultivating genuine buy-in from both senior leaders and employees.
billion in financial crimes, with nearly 14% of investigations sparked by Bank Secrecy Act data. The AI-powered scam playbook From generative AI (GenAI) phishing emails to deepfake impersonations of IRS agents, attackers are raising the bar and the risks. Identity theft and fraudulent refund schemes were major players.
30, 2024, CyberNewswire — The American Transaction Processors Coalition (ATPC) Cyber Council will convene “The Tie that Binds: A 21st Century Cybersecurity Dialogue,” on October 31, 2024, at the Bank of America Financial Center Tower’s Convention Hall in Atlanta. Atlanta, GA, Oct.
The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. This is a reminder to all security pros that they need to continually keep their skills up to date or risk becoming a dinosaur. Well read on.
Chief Information Security Officer (CISO) Luis Gonsalves, Head of Security for Portugal’s central bank, and founder of the Cloud Security Alliance’s Portugal Chapter, says Certified Cloud Security Professional (CCSP) stands out from other technical certifications. “That’s the real differentiator,” he says. Read the Full Article.
KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Nobody’s saying these companies don’t have CISOs and/or CSOs and CTOs in their employ.
Nassar: On a personal level, we use our mobile devices to access just about everything from our email, to our banking, to social media collaboration, to sharing photos with family, it’s all in a cloud-mobile environment. Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’
Hello, I am Helen Patton, and I am the newest Advisory CISO at Duo. While I was a CISO at Ohio State we partnered with Duo to implement MFA across our organization. Talk to a Higher Education CISO (note to security product engineers – if you ever want a testbed for your ideas, partner with a university). We don’t care.
The actual customers of the title insurance companies are principally the banks which back these mortgage transactions. “The [employee] did not request a waiver or risk acceptance from the CISO.” Rasch said First American’s first problem was labeling the weakness as a medium risk.
This is why CISOs everywhere should be concerned. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption. Once that ecosystem is understood and its supporting cryptology has been identified, CISOs should develop a plan that considers quantum-resistant technology.
Mário João Fernandes, born and raised in Mozambique, has been working in the banking sector for 29 years and has been fulfilling dedicated security roles in the cybersecurity space for over 11 years. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on CybeReady.
17, 2023 — Cynomi, the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “The State of the Virtual CISO 2023”. Tel Aviv, Israel, Aug.
When Steve Katz was named chief information security officer of Citibank in 1995, he was given two directives: build the best information security department in the world and limit the damage from the 1994 hack of the bank’s funds transfer system. Listen to episode 6 of CISO Stories, Your Job is to Make CyberSecurity Simple!
Many of the insights featured in the report come from the panel of CISOs in the webcast: Meredith Harper, vice president, chief information security officer, Eli Lilly and Company; Sydney Klein, chief information security officer, Bristol Myers Squibb; and Christopher Zell, vice president, head of information security, The Wendy’s Company.
Federal Reserve Chairman Statement on Cyber Risk. CBS News Anchor Scott Pelley asked the Fed Chairman about the odds of a systemic crisis like the one we saw in 2008, where banks and others needed bailouts. And then he continued: "But—the world changes, the world evolves, and the risks change as well. Very," replied Powell.
Third-Party Risk Management (TPRM) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. This is because third-party risk has become a huge problem for enterprises in the digital age. Cyber risks profiling. based CyberGRX. Cyber hygiene boost.
The data-reliance of digital banking means an AI-driven approach to cybersecurity and risk management is integral to success, UnionDigital Bank CISO Dominic Grunden tells CSO. It was established in just five months, a timescale unheard of in the banking industry, Grunden says.
Chief Information Security Officers (CISO) have the luxury of being an incredibly hot commodity, so they can pretty much pick and choose where they work, as they are almost guaranteed to have a job waiting for them somewhere. And this is increasing cyber risk. In hopes of defending against attacks like these, Gov.
Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S. businesses called #ShieldsUp.
Craig Froelich, chief information security officer of Bank of America Merrill Lynch, described how cybersecurity is not just a technology risk during a 2017 annual meeting of the Securities Industry and Financial Markets Association. Craig Froelich, CISO at Bank of America. Certainly, that’s a positive development.
A few years ago, very few CISOs thought that storage & backups were important. This has driven CISOs to look again at potential holes in their safety nets, by reviewing their storage, backup and recovery strategies. “In So, storage houses critical high-risk data that feeds your applications and devices. Recommendations.
Prediction #2: Leaders will see APIs as representing both security and business risks. That’s because the lack of control, security, and governance around APIs doesn’t just increase risks, it is also operationally inefficient. Prediction #4: Organizations will right-size data storage to reduce risks.
4 interview, VCPI’s acting chief information security officer — Mark Schafer, CISO at Wisconsin-based SVA Consulting — confirmed that the company received a nearly identical message that same morning, and that the wording seemed “very similar” to the original extortion demand the company received. In our Dec.
Related: Kaseya hack worsens supply chain risk. This is the type of incident that could have been identified as a risk by a properly scoped penetration test and detected with the use of internal network monitoring tools. Once more, a heavily protected enterprise network has been pillaged by data thieves. We all know security is hard.
It's a common best practice among CISOs trying to get their employees invested in cybersecurity for the corporate network: make things personal. Department of Justice alert: rogue banking apps and trojans. If there's one thing we can all agree on, it's that a trip to the bank is one of the least exciting errands of all time.
A look ahead to 2023 we can expect to see changes in MFA, continued hacktivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. 5 – Recession requires CISOs to get frank with the board about proactive security. By Marcus Fowler, CEO of Darktrace Federal.
think tank focused on bipartisan solutions promoting health, security, and opportunity for all Americans has launched a working group with the aim of identifying the most pressing risks in cybersecurity. Craig Froelich, CISO, Bank of America. Phil Venables, CISO, Google Cloud. A Washington, D.C.,
Yet, despite these growing attacks, more than 25% of the financial services/insurance organizations surveyed lack a proper API strategy, putting them at a higher risk of API breaches. We looked at a few platforms, and Salt was the best solution for us.
Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. The pressure for those in charge is immense as cyber risks have scaled, and can now bring businesses, economies, and communities to a halt. billion) is expected online.
Adaptive control, no trust, zero-trust, auto-remediation artificial intelligence, and content filter with multi-factor authentication aligning with your CASB deployment add in open-source technology, unpatched critical infrastructure, is your organization’s cybersecurity risks and compliance mandates protected? Banking on Next-Gen Everything.
He helps senior decision makers overcome cybersecurity sales objections and manages unlimited cyber risks through rigorous prioritization. In the private sector, he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider.
Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. CISOs, like Lillian, can now redirect their focus to other critical aspects of cybersecurity. Fortunately, it didn’t have to.