Credit Union Information Security Podcast

Interview With Dick Langford, VP, BB&T What happens after a major security breach such as the Heartland Payment Systems hack? How do banking institutions go about notifying their customers - whose responsibility is it? At BB&T in Winston-Salem, NC, the role is filled by Dick Langford, Vice President and Manager, Information Security Compliance Management. In an exclusive interview, Langford discusses: How BB&T approaches client notification; Lessons learned from security breach response; The different ways the bank approaches customer awareness to meet all customers' needs. Langford has 19 years experience in information protection in the financial sector. Previously with the Federal Reserve Bank of Kansas City, he has managed elements of BB&T's information protection program since 1998. His current responsibility is directing a network of over 100 Information Security Compliance Managers representing each line of business, subsidiary, and affiliate company in BB&T Corporation, thereby ensuring compl

Melinda Love, a longtime leader in the National Credit Union Administration (NCUA) has just been appointed the new Director of the NCUA's Office of Examination and Insurance. In an exclusive interview, Love discusses her new role and regulatory priorities for credit unions in 2009, offering insight on: Challenges and opportunities for credit unions in the current economy; 2009 regulatory priorities, including risk management systems and vendor management; How credit unions are faring with the newly-enforced Identity Theft Red Flags Rule. A seasoned NCUA executive, Love has served as regional director of the NCUA's Region V office for 5 1/2 years, and she served as director of the former Chicago regional office. Love is a past NCUA deputy executive director and she has also served as deputy director within NCUA's Office of Examination and Insurance. Her NCUA career began in 1986 as an examiner in Northern California. She is a former principal examiner, problem case officer, supervision analyst, supervisor

The Heartland Payment Systems data breach is on everyone's mind, and the case is in the hands now of the Federal Trade Commission (FTC) if it chooses to investigate. While the FTC will neither confirm nor deny a Heartland investigation, staff attorney Alain Sheer does offer his insight on: How the FTC investigates data breaches like Heartland's; The timeline and milestones of such an investigation; Details of the CardSystems data breach - which closely resembles Heartland's.

The Obama Administration has stepped forward with its plan to rebuild the troubled U.S. financial system. And the market has responded by retreating. Where did the Administration go wrong with its announcement this week, and what does the economy truly need to start to rebuild liquidity and confidence? In this exclusive interview, economist Alan Madian shares insights on: The Obama Administration's missteps; What the banking industry needs to regain its strength; Economic signs to look for in the months ahead. Madian is an economist, management consultant and investment banker who currently serves as a director with LECG, a global expert services and consulting firm. He has provided services as an expert witness, policy advisor, strategy and implementation consultant, and financial advisor for more than 25 years. He has testified on damages and liability in commercial litigation, on the determination of regulated rates of return, and on contractual allocation of risk. Madian has conducted antitrust and ma

What does the Obama Administration's financial industry rescue plan offer that's different from the Bush Administration's approach? Not much, says William Isaac, former FDIC Chair (1981-85). In an exclusive interview, Isaac discusses: What the new plan means to the banking industry; The types of reform the industry really needs; How and why today's economic crisis differs from the Great Depression and other historic downturns. Isaac is chairman of the Secura Group, a leading financial institutions consulting firm, operating as a division of LECG. The Secura Group provides financial advisory services, strategic planning, regulatory counseling, risk-management services, strategic studies, and general management consulting for financial institutions. LECG, of which Isaac is a managing director, is one of the world's leading expert services firm with professionals serving Global Fortune 500 firms from offices around the world. Isaac also serves as chairman of various Isaac family real estate development com

On Tues., Feb. 10, Treasury Secretary Timothy Geithner unveiled the Obama Administration's new strategy for easing the credit crunch and strengthening the U.S. banking industry. In an exclusive interview, Nancy Atkinson, senior analyst at Aite Group LLC, discusses: How the new plan differs from the Bush Administration's; What the Obama plan means to the banking industry; What we should expect to see for immediate changes - and how these changes may impact risk management and information security. Nancy Atkinson is a senior analyst at Aite Group, LLC, specializing in wholesale banking issues including wholesale payments, trade finance and financial supply chain and working capital management. Her recent research has focused on electronic check processing and clearing, innovation in accounts payables and receivables, and transitions in the global wholesale payments market. She has also examined opportunities to leverage procurement cards in corporate payables and the impact of health savings accounts on ba

The number of identity fraud victims has increased 22 percent in the U.S., costing 9.9 million victims a total of $48 billion in 2008. This is the news from the fifth annual Identity Fraud Survey Report from Javelin Strategy & Research. In an exclusive interview, James Van Dyke, Javelin founder and President, discusses: Highlights - and surprises - from the study; What it all means to banking institutions; Trends for institutions and their consumers to watch for in 2009.

The Heartland Payment Systems data breach - it's the first major security incident of 2009. But how big is it really? What are the key takeaways for banking institutions left explaining this breach to their customers? In an exclusive interview, James Van Dyke, Founder and President of Javelin Strategy & Research, discusses the implications of the Heartland case, offering insight on: Conclusions we can draw from the Heartland breach; How banking institutions should communicate with their customers; Vulnerabilities we should watch to avoid the next big breach. Van Dyke is founder and president of Javelin Strategy & Research. Javelin is the leading provider of independent, quantitative and qualitative research for payments, multi-channel financial services, security and fraud initiatives. Javelin's clients include the largest financial institutions, card issuers and technology vendors in the industry.

Higher education hasn't been immune to the ravages of the recession economy. Scholarships and tuition reimbursements are tougher for students to come by, and career opportunities have diminished. That said, job opportunities for information security students abound - in both the private and public sectors. In an exclusive interview, Dr. Peter Stephenson, CISO at Norwich University, discusses: His school's graduate and undergraduate security programs; How Norwich is preparing students for careers in information security; Ways that businesses and government agencies can collaborate with educational institutions to better prepare students for productive careers. Stephenson is a writer, consultant, researcher and lecturer on information assurance and risk, digital investigation and forensics on large-scale computer networks. He has lectured extensively on digital investigation and security and has written or contributed to 14 books and several hundred articles, in major national and international trade,

We all know we're mired in an historic global recession - the biggest economic downturn since the Great Depression, and it may well prove to be the longest. But when can we hope to escape it? In this exclusive interview, Ed Friedman, a director with Moody's Economy.com, a division of Moody's Analytics, shares fresh insights on: The latest economic signs and what they mean; Unique economic factors for banking institutions to weigh; What to expect from the new Administration in the months ahead. Ed Friedman is a director of Moody's Economy.com. He covers the states of Texas and Minnesota, provides monthly summaries of the U.S. financial industry, and maintains a high-frequency econometric model used to estimate current-quarter GDP. Dr. Friedman also edits monthly regional and macroeconomic publications, is participating in a project to expand metropolitan area forecasting to foreign cities, and manages the work of junior personnel. Now based in the company's West Chester PA office, he previously worked fo

Randy Caraway, a banking/information security consultant, not only knows about the impact of economic conditions on banking institutions - he's felt them personally. Formerly with JPMorgan Chase, Caraway now consults privately, serves on the CISM certification board for ISACA, and in this exclusive interview offers insights on: How banking/security leaders should protect their careers; This year's major security and compliance priorities; How to mitigate the insider threat.

Regulatory compliance is the backbone of a financial institution's information security program. But compliance alone isn't enough, says John Pironti of ISACA's Education Board, who advises institutions to take a risk-based, not a "checklist-based" approach to security. In an exclusive interview, Pironti discusses: The risks of 'Security by Compliance'; Top risk management/compliance issues of 2009; What will be the most in-demand skills and job opportunities for information security professionals. In addition to his role with ISACA, Pironti is currently the Chief Information Risk Strategist for CompuCom. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology on a global scale. Pironti has a number of industry certifications including Certified in the Governance of Ente

Looking ahead to 2009, banking/security guru Steve Katz quotes the ancient proverb: "May you live in interesting times." With a new administration, new banking landscape and regulatory changes expected, we live in interesting times, indeed. In an exclusive interview, Katz discusses: The biggest banking/security stories of 2008; What banking institutions must do to strengthen customer confidence in 2009; What we might expect in terms of regulatory change from the Obama administration and Democratic Congress. The world's first Chief Information Security Officer, Steve Katz is a prominent figure in the network security discipline. Since 1985, he has served as the senior security executive for Citibank/Citigroup, JP Morgan, and most recently Merrill Lynch - and has been a force in raising the visibility and shaping the direction of the security industry at industry and government levels. Deeply respected within both the financial services and security industries, Katz has testified to Congress on informatio

Given 2008's global financial crisis, what can we expect in terms of new legislation and regulation in 2009? Aite Group, the Boston-based financial services analyst firm, takes a stab at answering this question in a new report "What Next? Legislative and Regulatory Response to the Financial Crisis." In an exclusive interview, Aite Analyst Eva Weber discusses: Initial conclusions from the study; Recommendations for financial institutions in 2009; Key takeaways for banking/security leaders who need to be concerned with all threats to their institutions. Weber focuses on the regulatory and compliance issues facing financial institutions. Recent research has focused on anti-money laundering, risk management, fraud, and bank regulation at the federal and state levels. She brings to the position research and analytical skills gained in five years as a practicing attorney, and has helped Aite Group clients respond to major regulatory initiatives, such as Sarbanes-Oxley, the Bank Secrecy Act, the USA PATRIOT Ac

Check fraud. Crimes against children and the elderly. These are among the current faces of Identity Theft, and experts expect to see even more of these opportunistic crimes in 2009. To help prevent these crimes - and to help banking institutions to protect their customers - Linda Foley, founder of the Identity Theft Resource Center, discusses: The greatest ID theft concerns of 2008; What to expect in 2009; How banking institutions can help customers help themselves. Linda Foley founded the Identity Theft Resource Center with Jay Foley in 1999. The nationally recognized victim assistance and public education organization was established in response to an epidemic rise in identity theft crimes. Today, Linda is acknowledged as an expert on identity theft issues.

Interview with Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk At a time when risks are high and consumer confidence is low, corporate boards of directors aren't paying nearly enough attention to information security and cyber threats. This is the key takeaway from a new Carnegie Mellon University CyLab survey, which shows that there is a "gaping hole as wide as the Grand Canyon" in board and senior executive oversight of these critical business issues. Read more about this survey in an article by Linda McGlasson. To understand this study, we spoke with its author, Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk. In an exclusive interview, she discusses: Key findings; Greatest concerns from the study; Recommendations for what financial institutions should do now to address these concerns. Jody Westby received her B.A., summa cum laude, University of Tulsa; J.D., magna cum laude, Georgetown University Law Center; Order of the Coif. Drawing

It's been a wild year for the banking industry, and 2009 promises to be an eventful one, too, with a new Presidential administration and discussion of new industry regulations. To reflect on the year behind us and consider the year ahead, we caught up with Doug Johnson, Vice President of Risk Management Policy with the American Bankers Association to discuss: The state of the banking industry; What to expect for regulations in 2009; Advice for banks as they transition into the new year. Doug Johnson serves as Senior Policy Analyst for the American Bankers Association, where his public policy responsibilities include payments system technology and the relationship between technology, privacy, and security. Doug also advises the ABA and its members on a variety of other matters, including social security reform, real estate brokerage, mortgage finance, and public funds. He was responsible for the ABA's recent release of a series of tools to assess information technology risk and safeguard customer informa

Interview with Dwayne Melancon, VP of Corporate and Business Development, Tripwire Regulatory compliance - it's the priority that never goes away for banking institutions. And in today's economy, it's the lynchpin of the safety and soundness that customers need to see to retain confidence. In this exclusive interview, Dwayne Melancon of Tripwire discusses: The five core competencies of regulatory compliance; How to build a business case for - and derive ROI from - automated compliance; Regulatory compliance trends to watch for in 2009. Dwayne Melancon joined Tripwire in 2000 and serves as Tripwire's Vice President of Corporate and Business Development leading the company's strategic partnerships and alliances. In previous positions at the company, He was vice president of Professional Services and Support, Information Systems, and Marketing. Melancon is certified on both IT management and audit processes, possessing both ITIL Foundations and CISA certifications.

The recession is officially here, and major banking institutions are announcing thousands of layoffs weekly. And, yet, now is a good time for information security professionals, whose skills and expertise are in greater demand than ever. In this exclusive interview, W. Hord Tipton, Executive Director of (ISC)², discusses: Career trends in information security; New certification programs available from (ISC)²; Job-hunting advice for security professionals looking to start or switch careers in financial services. W. Hord Tipton is the executive director for (ISC)², the global leader in educating and certifying information security professionals throughout their careers. Tipton previously served as president and chief executive officer of Ironman Technologies, where his clients included IBM, Perot Systems, EDS, Booz Allen Hamilton, ESRI, and Symantec. Before founding his own business, he served for five years as Chief Information Officer for the U.S. Department of the I

Interview with Dave Jevans, Chairman of the Anti-Phishing Working Group Amidst the volatility and confusion in the marketplace, the threat of fraud is heightened - which means ... beware of phishing. In this exclusive interview, Dave Jevans, chair of the Anti-Phishing Working Group, discusses: The state of phishing against banking institutions; The most effective ways for banking institutions to fight back; Top trends going into the new year. David Jevans is the Chairman and Founder of the Anti-Phishing Working Group , the leading non-profit organization dedicated to eradicating identity theft and fraud on the Internet. The APWG has over 1,500 member companies and agencies worldwide. Membership is limited to banks and other financial institutions, ISPs, law enforcement agencies and security technology vendors. David has over 10 years of business experience in the Internet security industry, and has founded two high-tech startups, been through IPO, mergers and acquisitions.