BLOGS

INSIGHTS

BLOGS

Filter By:
E.g., 2022-12-08
E.g., 2022-12-08
July 21, 2022
The Great Resignation—a phenomenon in which an unprecedented number of employees worldwide quit their jobs over the past few years—has ushered in novel ways of thinking about workplace culture. Employees are prioritizing a better work-life balance, remote and hybrid options, and higher pay. Many companies have sought to adapt to these shifting expectations, but a talent gap—or labor shortage—...
Read Full Post
June 22, 2022
The COVID-19 pandemic spurred on rapid digitalization, forever changing how people and organizations conduct business. While this digitalization brought many benefits with it, it also opened new attack vectors and brought about increasingly sophisticated and frequent cyber threats. Bot attacks are one particularly pernicious type of threat, and they are on the rise. According to Kasada’s 2021...
Read Full Post
March 2, 2022
A poignant example of concentration risk is the congregation of software development and IT service firms located throughout Ukraine. Just a few days ago, this risk was most likely not on anyone’s radar. The irony is major companies priding themselves on following robust risk management practices chose to conduct business in a country that has been in armed conflict for eight years. Some...
Read Full Post
February 28, 2022
The recent invasion of Ukraine by Russia has almost certainly escalated the risk of cyberattacks on U.S. financial institutions. On February 17, government officials from the White House, Treasury Department, U.S. Cybersecurity and Infrastructure Security Agency (CISA), and FBI met with executives from leading U.S. banks (including JPMorgan Chase and Citigroup) to discuss defenses and advise...
Read Full Post
Tiffany Wang
February 1, 2022
Cyberattacks were on the rise in 2021, as was the level of sophistication of these attacks. Bad actors used automated tools, social engineering, and compromised endpoints to their advantage; ransomware has become a common weapon of choice for crime rings. In fact, at least one large North American financial institution reported that its customers went from facing a handful of ransomware...
Read Full Post
November 19, 2021
With workforces and organizational data assets scattered globally and corporate networks being accessed remotely, the financial services (FS) industry is increasingly susceptible to cybersecurity breaches. In this dispersed environment, attackers target remote workers and unsecure personal devices by compromising identities to circumvent traditional network security policies. These cyberattacks...
Read Full Post
November 8, 2021
With the rise of the hybrid, work-from-home workforce and increasing global distribution of corporate information and network assets, financial services (FS) and banking organizations are rethinking how they can effectively protect data. FS chief information security officers (CISOs) are prioritizing implementation of zero-trust architecture (ZTA) because the traditional information security...
Read Full Post
August 10, 2021
At Aite-Novarica Group we have covered the evolution and complexity of data privacy requirements. In January 2020 one of our top 10 trends in cybersecurity for 2020 was “additional complexity is associated with data and privacy requirements.” In that report, I wrote about the EU General Data Protection Regulation (GDPR) and noted that “… the individual EU country data supervisory authorities...
Read Full Post
Joseph Krull
December 28, 2020
A vulnerability in the SolarWinds Orion product paved the way for immense cybersecurity attacks in 2020. Attackers slipped into corporate and government agency networks using compromised user credentials and then used powerful exploits to gain elevated administrative privileges. Central to the attacker’s strategy was security assertion markup language (SAML). It is a standard that guides networks...
Read Full Post
Steve Hunt
December 24, 2020
Hundreds of articles have already been written about the recent sophisticated campaign to penetrate government agencies and enterprises using a doctored software update to SolarWinds Orion, SolarWinds’ network management product. Up to 18,000 SolarWinds customers may have been affected. It’s likely that the cybersecurity community will learn more in the coming weeks, but what we know now points...
Read Full Post
Joseph Krull

HOW CAN WE HELP?

If you have a question specific to your industry, speak with our experts.  Call us today to learn about the benefits of becoming a client.

Receive email updates relevant to you. Subscribe to entire practices or to selected topics within practices.