Warning: Large Banks face DoS threats – Small Banks Take Action

When the Financial Services – Information Sharing and Analysis Center (FS-ISAC) raises its threat level from “elevated” to “high”, banks need to take action.  The combination of the recently publicized rise in cyber-attacks against financial institutions and the number of institutions increasingly vulnerable make this a time for action. While the headlines are focusing on […]

Real World Social Engineering … In the Trenches with an Auditor

How well are your users prepared for modern-day social engineering attacks?  If you’re like the majority of management personnel I speak with during our pre-audit consultations you’re wary, but confident that your staff has properly prepared your employees from this threat to your organization. In response, I routinely explain that it is admirable that you […]

15% Of Users Will Divulge Logon Credentials To Strangers

Social engineering is the art of manipulating people into performing actions or divulging confidential information and/or proprietary information, non-disclosed information or usernames and passwords. It is the classic approach of the confidence man, convincing someone he or she is something they are not.  If you think your personnel would never be fooled, you’re fooling yourself. […]

7 out of 10 Bank IT Audits Inadequate

Are your IT auditors using best-of-breed commercial grade products or do they use freeware and open source IT Assessment tools?  Based on BAI Security’s review of previous IT auditor’s results, the majority of banks are being left exposed with potentially serious undiscovered vulnerabilities. The most common underlying factor in these environments is the actual testing […]

BAI Security Blog

Welcome to the BAI Security Blog! We are going to write and comment about the latest issues in IT Security and Compliance. Our focus will be on writing about IT Security and Compliance issues in the Banking and Financial Services Sector. We want this blog to be a resource for people interested in discussing the latest […]