IT Risk & Security

SWIFT announces plan to bolster banks’ cyber-security

SWIFT announces plan to bolster banks’ cyber-security

Gottfried Leibbrandt, CEO of SWIFT, the interbank software and messaging service for bank payments, has announced plans to reinforce its members cyber-security in the wake of February’s $81m theft from the Bangladesh central bank. Thieves used SWIFT instructions to steal the money, and attempted to divert a total of $951m. “I think it will prove »

British Insurance Brokers’ Association announces creation of cyber committee

Steve White, the British Insurance Brokers’ Association chief executive, has announced the creation of a cyber committee to monitor developments in cybersecurity and provide advice to insurance brokers on possible risks. The committee will be made up of technical experts from member firms. Speaking at the association’s annual conference on April 7th, White cited an »

Tricentis survey for Q1 ranks banks behind government bodies in “Fail Watch”

A criminal gang exploited vulnerabilities in the security systems of the central bank of Bangladesh and SWIFT payments software to steal $81 million in February — the most costly software bug classified in the first quarter by Austrian testing service provider Tricentis in its regular Software Fail Watch. But according to Tricentis’s quarterly report on »

BAE Systems blog details Bangladesh malware

Security specialist BAE Systems published blog on Monday April 25th revealing extensive details, including code, of the malware it says was used to hide traces of fraudulent payments by the gang that stole $81m from the Bangladesh central bank last February. According to the blog, authored by BAE Systems security analyst Sergei Shevchenko, the malware was »

DDoS cyber attacks: Europe’s banks need a plan


It’s an arms race and – right now – banks are losing. A recent casualty was HSBC, which on January 29th saw its online banking system brought down for several hours by a distributed denial-of-service (DDoS) attack. DDoS attacks are getting larger, and better organised. According to a recent report by Massachusetts-based security consultant Arbor »

SEBI extends software testing requirements to commodity firms

The Security and Exchange Board of India (SEBI) has said that from April 2016 commodities traders will be subject to the same software testing guidelines that apply to Indian securities exchanges SEBI’s 2013 guidelines set out how brokers operating on the securities exchanges must test software; how the exchanges must implement an approval process for the software »

Markit teams with banks for “Know Your Vendor” platform launch

Know Your Vendor

Markit, the information vendor, is teaming up with three leading banks to launch a “Know Your Vendor” database, which is calling KY3P. Barclays, HSBC and Morgan Stanley are working with Markit on the launch and will put information about their own third party vendors onto the platform, which will be delivered as a software as service via Dell »

Are regulators right to focus on robo-investing risks?

BlackRock, Vanguard, Fidelity and other leading names in fund management have been buying robo-investment platforms, or starting their own. Industry watchers have been predicting a “race to the bottom” as fees are cut to persuade customers to sign up. Especially in Europe, where the robo platforms have been charging higher fees than their US counterparts. »

NCC shares upgraded by broker on security business boom

Brokerage firm Peel Hunt has upped its valuation for shares in NCC, the London-listed security and testing firm which has reported a doubling of security “incidents” reported to it over the past year. Peel Hunt cited a number of key shifts in the marketplace for cyber-security services amounting to a: “Substantial broadening of the approach »

Asia to drive growth in security testing certification

Ian Glover-CREST

Ian Glover, president of CREST — the UK-based Council of Registered Ethical Testers — expects his organisation to certify a growing number of penetration and threat intelligence testing companies in 2016 as demand for their services grows. CREST, a not-for-profit organisation whose objective is to represent the information security industry by demonstrating the competence of »

Page 8 of 9«6789