Provision IAM’s Post

Why is having a vCISO so beneficial for you today? Check out our latest blog post to discover how a virtual Chief Information Security Officer can keep your bank compliant, secure, and strategically sound without breaking the bank. Click here to read more: https://lnkd.in/gbmbNzqe

Neil Acworth Joins Encompass Corporation as CISO, Bringing Decades of Industry Experience to Bolster Trust ... - Fintech Finance: Neil Acworth Joins Encompass Corporation as CISO, Bringing Decades of Industry Experience to Bolster Trust ...  Fintech Finance #CyberSecurity #InfoSec #SecurityInsights

Unveiling ATM Vulnerabilities: A Call to Secure the Financial Fortresses Recent footage circulating online reveals a concerning reality—ATMs exposing their internal systems, shedding light on silent threats that, if recognized by an attacker, could lead to the exploitation of the entire banking apparatus. **Exploiting the Convergence: A Potent Threat Unleashed** When the vulnerabilities from card skimming and data breaches align, attackers gain access to a lethal combination of stolen card details and sensitive financial data. This convergence opens avenues for exploitation, including the initiation of a reverse shell—a gateway to manipulating ATM systems. **The Risks Unveiled:** 1. **Unauthorized Transactions:** Armed with pilfered card details and PINs, cybercriminals can execute unauthorized transactions, systematically draining funds from compromised accounts. 2. **System Manipulation:** A reverse shell becomes the tool for manipulating ATM systems, allowing attackers to alter settings, modify transaction logs, or orchestrate the unauthorized dispensing of cash. 3. **Data Harvesting for Wider Exploitation:** Stolen financial data transforms into a powerful instrument for broader exploitation, with potential consequences extending beyond the compromised ATM to infiltrate broader banking systems and user accounts.

SEC’S NEW DATA BREACH REQUIREMENT INCREASES OBLIGATIONS FOR FINANCIAL SERVICES COMPANIES A threat actor may identify or exploit a system vulnerability. It can deploy tools, move through the system, escalate privileges, exfiltrate data, encrypt files, and make a ransom demand. This leads to numerous questions for the banking company: How was the incident discovered? How long has the threat actor been in the network? Has any data been compromised? What is the impact on operations? What is the scope of the incident? Has a notification incident occurred? What can be reported in the next 36 or 72 hours? Who must be notified? Which federal regulators? Which state regulators? Do customers and individuals need to be notified? What is the substance of the notification? Should the intruders gain access to or acquire the account information of customers that are spread out over multiple locations and lines of business, the bank should consider the following requirements, among others: State laws requiring breach notification of individuals and state regulators Banking and securities regulator notification Customer notification under federal SEC requirements European regulator notification New York Department of Financial Services (NYDFS) notification Cybersecurity and Infrastructure Security Agency (CISA) notification The requirements to consider depend on the particular affected lines of business as well as the outcome of several recent rulemaking proposals. https://lnkd.in/eyhR7qsb

🔒💻 As our world becomes increasingly digitized, the banking and financial sector is undergoing a dramatic transformation. From mobile banking apps to online transaction portals, protecting sensitive financial data has never been more crucial. Our latest blog post dives into the best IT practices for credit unions to safeguard their members' valuable information. 🏦 Curious about how your credit union can step up its security game? Check out "Protecting Sensitive Financial Data: Best IT Practices for Credit Unions" on Landmark Technologies' blog! 👉 https://lnkd.in/db2S2uTR Join the conversation and share your thoughts in the comments below! Let's create a safer digital space together. 💬🌐 #CyberSecurity #CreditUnions #FinancialDataProtection

The assumption that this is entirely a breach by nefarious actors can be misleading. Lack of systems, outdated systems, internal conspirators, all play a role. When I heard news that police had to be deployed at ATM sites to prevent extraction was confirmation of my worst fear: either they had no way to actually control them centrally or they didn't know how. Further signs of dysfunction and chaos was making an announcement demanding those who took money to return the funds (out of their own free volition, as if that is enough of a motivation) or else bank will pursue action. This told me the bank didn't know who did what in terms of account movements in the bank, another huge flag - all sorts of questions about their daily reconciliations processes, recurring debits, debit limit breach, etc. will all come under the microscope for scrutiny. The fact that this happened in 2024 and to one of the largest bank in East Africa is eye-popping. This will be a time for reflection and for the other banks to take the opportunity to get their act together for the coming period.

While banks are eager to embrace new technology, it doesn't mean we're fully prepared for the associated risks. Many financial institutions and even government agencies rely on the same small group of tech providers for critical services, creating a significant concentration risk. If one of these providers faces a cybersecurity issue, it could have a ripple effect throughout the entire financial system. This vulnerability is not just limited to smaller banks with fewer resources; larger institutions also present attractive targets for bad actors. To address these challenges, the Treasury Department has made cybersecurity a cornerstone of its work on banking, launching Project Fortress—a major public-private partnership offering free cybersecurity tools for banks and a collaborative space for bankers and law enforcement to counter cyber attackers. Additionally, Federal Reserve Vice Chair Michael Barr warns that artificial intelligence, particularly generative AI, is poised to escalate the arms race between defenders and attackers. As AI technology advances, the potential for more sophisticated and rapid malicious attacks increases, underscoring the need for vigilance from both bankers and regulators. #banking #bankingindustry #cybersecurity #artificialintelligence https://lnkd.in/geFSdHCK

From My Lens: Decrypting the Commercial Bank of Ethiopia's Security Breach As a researcher in system security, I am deeply concerned about the recent incident involving the Commercial Bank of Ethiopia (CBE). The reported transaction authorization bypass, where individuals could deduct money from ATMs without sufficient funds and transaction limits, highlights critical vulnerabilities within the bank's security infrastructure. One of the fundamental pillars of modern banking security is continuous and robust protection mechanisms, including 24/7 monitoring and anomaly detection systems. These systems should be designed to detect and respond to suspicious activities in real time, ensuring the integrity and security of financial transactions. So, what happened to CBE? The fact that such a significant breach occurred in the middle of the night without triggering any alarms or outlier detection mechanisms raises serious questions about the bank's security protocols and internal controls. While insider threats can pose a significant risk to organizational security, it's essential to avoid jumping to conclusions without concrete evidence. However, it's crucial for CBE to thoroughly investigate the possibility of insider involvement in this incident, as insiders with access to sensitive systems and information could potentially exploit vulnerabilities for personal gain. Let me question the insiders: how do they not detect such anomalous transactions? Consider Abebe Kebede, who typically uses his ATM card to withdraw money during daytime hours, averaging around 1000 ETB weekly for his expenses. Historical transaction data establish this pattern of behavior, which is considered a regular activity for Abebe Kebede. Now, imagine it's midnight, well outside the usual transaction hours. Suddenly, the ATM associated with Abebe Kebede's account initiates multiple transactions, each for large sums of money, and this behavior continues for an extended period. In this scenario, the anomaly detection system would be triggered by the following factors: 1) Unusual Timing: 2) Uncharacteristically Large Sum 3) Frequency of Transactions While having an alarm system, why does it fail at detecting those transactions? I leave the answer to you! What they need to do to avoid/minimize future incidents: Real-time Anomaly Detection Systems Blockchain Technology Multi-factor Authentication (MFA): Behavioral Biometrics Background Checks and Vetting Processes Access Control and Least Privilege Principle In conclusion, addressing the root causes of the security breach requires a holistic approach that encompasses technological advancements, regulatory frameworks, and organizational practices. By implementing comprehensive solutions and fostering collaboration, the Commercial Bank of Ethiopia can bolster its security posture and safeguard against future cyber threats, ultimately restoring trust and confidence among its stakeholders.

Interesting read about the recent breach with some critical measures to be considered. Especially exploring the opportunity of #blockchain would be vital. Such incidents may happen in this digital era irrespective of the systems and technologies in place. The critical issues are, diagnosing the situation, drawing appropriate lesson, adapting to the safe and efficient technology, and most of all delivering corporate responsibility through effective communication to the public/stakeholders. National Bank of Ethiopia Commercial Bank of Ethiopia Dawit Mengistu

Bank of America - spending billions on security, DLP everywhere - announces that customer data has been leaked. How? Third party was responsible. This is a classic case of building a strong castle, with big walls and cannons and armies - but - a n a bed of quicksand. How so? If data is being processed and transferred to a third party vendor any enterprise needs to create a real time data exchange catalog, not just a static outdated spreadsheet to be wheeled out during soc2. More importantly any changes to the data exchange catalog should impact data flows to third parties in real time. When did Infosys McCamish Systems let Bank Of America know, how much time was spent asking what have transferred, what is affected - the dance of the unknown! Did this multi billion $ organization have this in place to cut off data flows once intimated of the incident? I doubt it - they are not a #Riscosity customer.