Cyber Risk and Community Banks

A Q&A with Brian Schaeffer of OceanFirst Bank N.A.

It’s a given that cyber attackers will target financial institutions but community banks and credit unions may be more vulnerable, with fewer resources to devote to security and the assumption, among perpetrators, that they’re an easier mark. I spoke to Brian Schaeffer, Chief Information Security Officer of OceanFirst Bank, a $7.4 billion asset Bank based in New Jersey, about the current risk landscape for smaller financial institutions and how they can best prepare to face off against these threats.

Machine Learning and Threat Detection

A Q&A with Jim Leonard of InfoArmor

One of the newer and potentially more promising weapons being deployed in the battle for cyber security is machine learning, in which systems can improve themselves based on experience and previous data. We asked Jim Leonard, Director with the Advanced Threat Intelligence unit at InfoArmor for some insight on this technology and how it might help mitigate threats.

Cyber Risk for Public Entities

A Q&A with Thom Rickert of Trident Public Risk Solutions

Thom Rickert, vice president, emerging risks specialist for Trident Public Risk Solutions – Argo Group US, has specialized in public entity insurance for 35 years. In light of recent public entity cyber breaches like the ransomware attack we saw in Atlanta in March 2018, Rickert is increasingly concerned about how public entities can control and mitigate cyber risk. In our conversation, he explained why so many of these organizations are vulnerable and what can be done to shore up their security.

Auditing the Data Hiding in Plain Sight

A Q&A with Chris Pillay of Meridian Technologies

An often-overlooked risk in cyber security is software development and testing, which is often done in house in large companies. To test software, engineers utilize either scrubbed data and where the process of scrubbing personally identifiable information is too complex, costly or time-consuming, live data is used, posing serious security and privacy risks. I learned more about this issue by talking to Chris Pillay, CEO of Meridian Technologies.

Improving Password Management

A Q&A with Stewart Atkinson of Dashlane

Too often, data breach incidents can be traced to poorly managed passwords, underscoring the fact that humans are almost always the weak link. Yet with so many functions both in and outside the office requiring the use of usernames and passwords, maintaining proper password hygiene can be a challenge. I spoke to Stewart Atkinson of Dashlane (a password vault solution) about this risk exposure and how to ensure that preventable data loss isn’t an imminent threat to your company.

Privacy Ethics and Wrongful Collection of Data

A Q&A with Andy Sambandam of Clarip, Inc.

Wrongful collection of private data often occurs unwittingly on the part of both consumers and the companies tracking them. I talked to Andy Sambandam, founder and CEO of Clarip, Inc., a software as a service data privacy platform, about how individuals and organizations can be more savvy about the data collection in every day internet usage and the risks associated with it.

Biometrics and Privacy Law

A Q&A with Al Saikali of Shook, Hardy & Bacon, LLP

Up until recently class action suits involving the Biometric Information Privacy Act were rare. In the past two years, however, this Illinois statute has become the focus of a trend, with plaintiffs attorneys zeroing in on companies that employ Illinois residents. I spoke with Al Saikali, chair of the data security and privacy practice at Shook, Hardy & Bacon, LLP, about the law and the current landscape of biometric privacy litigation.

Blockchain and Cyber Risk

A Q&A with Scott Diamond of Chicago Crypto Network, LLC

Blockchain is an emerging technology with the potential to greatly reduce cyber risk and ensure data integrity. To find out more about how it works and why organizations can benefit from rethinking their business processes, I talked to Scott Diamond of Chicago Crypto Network.

Public Entities and Cyber Security

A Q&A with David Lineman, Information Shield

Public entities are equally at risk for data loss incidents as organizations in the private sector, yet PEs are often far less prepared to handle these events. I spoke to David Lineman, president of Information Shield, about how PEs can strengthen their cyber security posture.

Key Security Trends in the Verizon Data Breach Investigations Report

A Q&A with David Hylender

2017 marked the tenth year for the Verizon Data Breach Investigation Report, an invaluable resource for understanding the current landscape in cyber security. This year 65 organizations from around the world reported 1,935 confirmed breaches and 42,068 data loss incidents. I asked David Hylender, senior risk analyst at Verizon Business, about the findings and key takeaways from this most recent edition.

No more posts.