Banks Must Tighten Security for Their Vendors

Wall Street banks and other financial institutions need further strengthening of their cyber security measures.

A survey of 40 banks by the New York Department of Financial Services found that nearly one in three don't require third-party vendors to alert them about information security breaches or other cyber security intrusions. In other findings, the seven-page report said:

• Fewer than half of the banks surveyed said they conduct any on-site assessments of third-party vendors.

• Roughly one in five banks don't conduct on-site assessments of the service providers.

• One-third of the institutions surveyed don't require third-party vendors to mandate similar cyber security requirements on their own subcontractors.

Additionally, U.S. branches of foreign banks questioned in the survey instituted some tougher cyber security requirements than domestic counterparts, said USA Today. According to the survey, the foreign banks required multi-factor authentication — a process that involves more safeguards than a computer password — "much more than large or small domestic institutions."

The NY Department of Financial Services, says USA Today, is conducting a similar review of cyber security precautions by third-party vendors of the insurance firms it oversees. The results of the surveys will be used to craft rules to guard against electronic breaches that could potentially harm millions of banking and insurance clients.

http://www.usatoday.com/story/money/2015/04/09/bank-cybersecurity-threats/25517905/

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.