Finance – Noise

AI and the SEC Whistleblower Program

B. Schneier — Mon, 21 Oct 2024 11:09:33 +0000

Tax farming is the practice of licensing tax collection to private contractors. Used heavily in ancient Rome, it’s largely fallen out of practice because of the obvious conflict of interest between the state and the contractor. Because tax farmers are primarily interested in short-term revenue, they have no problem abusing taxpayers and making things worse for them in the long term. Today, the U.S. Securities and Exchange Commission (SEC) is engaged in a modern-day version of tax farming. And the potential for abuse will grow when the farmers start using artificial intelligence...

The Hacker Tool to Get Personal Data from Credit Bureaus

Bruce Schneier — Thu, 07 Sep 2023 11:09:35 +0000

The new site 404 Media has a good article on how hackers are cheaply getting personal information from credit bureaus:

This is the result of a secret weapon criminals are selling access to online that appears to tap into an especially powerful set of data: the target’s credit header. This is personal information that the credit bureaus Experian, Equifax, and TransUnion have on most adults in America via their credit cards. Through a complex web of agreements and purchases, that data trickles down from the credit bureaus to other companies who offer it to debt collectors, insurance companies, and law enforcement...

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Tom Caiazza — Thu, 07 Jul 2022 14:00:47 +0000

We found customer data in the overwhelming majority of data disclosures from ransomware attacks against the financial services industry.

What’s Changed for Cybersecurity in Banking and Finance: New Study

Jesse Mack — Tue, 10 May 2022 15:27:36 +0000

The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.

Cloud Security and Compliance: The Ultimate Frenemies of Financial Services

Ben Austin — Thu, 17 Feb 2022 14:52:13 +0000

Here are four ways finserv companies can embrace the love-hate relationship with cloud security and compliance while effectively navigating the need to maintain pace with today's rapid rate of change.

The Future of Finserv Security: Cloud Expert and Former CISO Anthony Johnson Weighs In

Rapid7 — Wed, 16 Feb 2022 14:34:18 +0000

Former CISO Anthony Johnson talks about the latest developments in finserv security and how these developments are being received within the industry.

Update to GLBA Security Requirements for Financial Institutions

Harley Geiger — Wed, 10 Nov 2021 19:55:30 +0000

The FTC updated cybersecurity requirements for financial institutions under GLBA. This includes access controls, regular penetration testing and vulnerability scanning, and incident response, among other things. Here we'll detail the changes in comparison to the previous rule.