With the Swiss bank offering new details about the severity of its trading scandal, industry experts share insights on risk management and the failure of systems and staff to detect unauthorized trades.
From 2004 to 2010, Latesha Brown used her privileges to accept and submit forged birth certificates, pay stubs and other documents to obtain loans at several institutions. How did she go undetected for so long?
"You can't have someone arrested for violating your policies," says former Bear Stearns CISO Jennifer Bayuk. "The question is: What did he do, and was there a policy that would have prevented the activity?"
Are executives spending too much time and energy focused on external hacks, sacrificing attention they should be paying to internal threats? It's good that business leaders understand insiders pose risks, but are they taking those risks as seriously as they should?
"If [employees] aren't being treated right and they don't think leaders at the bank are running the bank correctly, they can rationalize committing fraud," says banking/security expert George Tubin on the risk of insider crimes.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.
A repentant SparkyBlaze wants to go legit, leaving behind the hacktivism he helped foster as a member of Anonymous and start a career in the U.S. as a ethical hacker. As proof, he's offering advice to protect IT from hackers.
Because social media pose significant risks to patient privacy, healthcare organizations need to develop detailed social media policies. But unfortunately, many organizations have yet to take that action.
According to FINRA, Citi's negligence in adequately supervising Tamara Moon, a former sales assistant at a Citi branch in Palo Alto, Calif., resulted in $749,978 being skimmed from the accounts of 22 Citi customers.
For John Colley, managing director of (ISC)2 in EMEA, ethics need to be addressed more frequently in the workplace. Organizations can no longer assume information is legitimate or has been gained through ethical means.