Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Security not a tech issue but a biz issue
NEW YORK (11/14/08)--Security vulnerabilities often are not directly a technology issue, but a business issue, according to two IBM security executives. “There is no silver bullet, and the worst enemy is a lack of awareness,” said Phil McHugh, IBM ISS security executive, and Guy Denton, IBM ISS executive consultant, during a recent webinar that focused on security challenges faced by financial services providers. Risks can be data-driven, business-driven, or event-driven. Data-driven problems include viruses, worms, and disk failure. Business-driven problems include application outages, network problems and lack of governance. Event-driven problems stem from terrorism, natural disasters, power failures, fires or a pandemic, the webinar said. Increased collaboration among businesses also poses risks, McHugh said. Credit unions that want to guard against risks can undergo assessments. Vulnerability assessments provide penetration testing to see if vulnerabilities exist, and information security assessments comprehensively evaluate organizations’ information policies, procedures, controls and mechanisms. Five other initiatives that financial services providers are undergoing to prevent risks are:
* Access and identity management; * Security regulatory compliance; * Security training and awareness; * Governance for security, including frameworks; and * Disaster recovery and business continuity.
The webinar also noted security issues with Web 2.0, which is a catch-all term to describe sites that are more than static pages. The key enabler with Web 2.0 pages is the Asynchronous Javascript and XML--or AJAX. Traditional security approaches don’t work in Web 2.0, but credit unions can implement risk-based, enterprise-wide security programs to mitigate Web. 2.0’s applications with an integrated framework approach, McHugh and Denton said.
Other Resources

RSS





print
News Now LiveWire
What is the @NCUFoundation ? Watch this Foundation video: http://t.co/iC6XoInU7r
44 minutes ago
Follow @cumagazine for even more #CUNAGAC live-action reports March 8-12 #creditunion #creditunions #UniteForGood
3 hours ago
Make sure 2 follow us @NewsNowLiveWire ,and @cuna , during March 8-12 Governmental Affairs Conference #CUNAGAC #crashthegac15 #UniteForGood
3 hours ago
Memberships, loans continue positive trend: @CUNA's monthly survey #NewsNow http://t.co/QnAlJ4DB3O
3 hours ago
Grand opening of @McGrawHillFCU's branch puts high touch on member service #NewsNow http://t.co/RlnJNrcwM8 #Backat55
4 hours ago