Banking Technology Connections: January 18, 2012

Welcome to Banking Technology Connections. The goal of the newsletter is to communicate recent trends and issues facing Banking Technology Professionals.

Please contact Matthew J. Putvinski, CPA, CISA, CISSP, Member of the Firm and Director of IT Assurance and Security services, at (617) 428-5479 or mputvinski@wolfandco.com if you have questions regarding this e-newsletter.  If you would like to subscribe to this newsletter and recieve it via email please contact Laura Lozada at llozada@wolfandco.com.

Interesting Articles of the Week
"'Critical' Windows Media flaws put millions at risk" Via @DrInfoSec 
http://www.zdnet.com/blog/security/critical-windows-media-flaws-put-millions-at-risk/10017?tag=nl.e589

BOFA Broker Caught Downloading and Emailing Client Info Via @dataprivacyrisk  http://www.forbes.com/sites/billsinger/2012/01/10/banc-of-america-broker-caught-downloading-and-emailing-client-info/

"Data breaches involving paper records; both blame cleaning crews" Via @PrivacyProf  http://www.cbsatlanta.com/story/16478506/tough-questions-for

"Banks Unite to Battle Online Theft" Via  @AmerBanker  http://online.wsj.com/article/SB10001424052970203436904577151230598919896.html

"FDIC malware attack targets businesses" Via @Security_FAQs  http://nakedsecurity.sophos.com/2012/01/10/fdic-malware/?utm_source=twitterfeed&utm_medium=twitter&utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29

"When Does HIPAA Apply to Banks?" Via @healthinfosec  http://www.healthcareinfosecurity.com/articles.php?art_id=4386

"Your Business Needs a Social Media Policy: Here's Why (and How)" Via @jaredcorreia  http://smallbusiness.jdsupra.com/post/15249623813/your-business-needs-a-social-media-policy

"The State of ACH Fraud. Incidents Continue; We Just Hear Less About Them" Via @FraudBlogger  http://www.cuinfosecurity.com/blogs.php?postID=1163&rf=2012-01-07-ec&elq=36d9997b300c429db58201a1b0f1e984&elqCampaignId=

"What bank CIOs have on their drawing boards for 2012" Via @BankTechNews  http://www.americanbanker.com/btn/25_1/the-bank-cio-agenda-for-2012-1045224-1.html

"Here are the 2012 Privacy & InfoSec predictions we just released" Via @dataprivacyrisk  http://corporateinsuranceblog.com/2012/01/04/2012-data-privacy-and-information-security-predictions/

"Fiserv Announces Patent Infringement Lawsuit" Via @AmerBanker  http://investors.fiserv.com/releasedetail.cfm?ReleaseID=637358

Do you have an article that you would like to share with the group?  Let us know and we will add it to the list!

Upcoming Events
1/21/12 - The New England InfoSec Tweetup - Nashua, NH
http://neistu3.eventbrite.com/

1/24/2012 - FMS Boston Chapter - 10 Things Core Service Providers Don't Want You to Know
http://www.fmsboston.org/meetings1.php

1/26/12 - ISACA - Apple iOS - Mobile Security and Deployment Risk Mitigation
http://isacane.org/events_detail.php?select=286

2/28/12 ISACA NE: Advanced Persistent Threat: The Battle To Own Your Network
http://isacane.org/events_detail.php?select=287

3/12/12 - 3/15/12 - Wolf is hosting a "Best Practices for Securing and Auditing Virtualized Environments" in our Boston office. Great training and 32 CPEs for $1,500.  To register or for more information, please contact Melissa McCarthy at 617-261-8171 or mmccarthy@wolfandco.com.

3/13/12 - Shared Assessments Summit 2012: The Role of Vendor Risk Management in an Increasingly Complex Business Environment - Use Code "CB10" when registering to save 10% for being a client of Wolf!
http://www.cvent.com/events/shared-assessments-summit-march-2012/event-summary-1eadfbbd853c455e9432906801c13b1c.aspx
 
4/11/12 - Maine Bankers Association - Bank Expo
http://www.mainebankers.com/maine-banks-events-education/events

6/6/12 - NY Bankers Association - 9th Annual Technology, Compliance & Risk Management Forum
http://www.nyba.com/education/2011-TCRM-Forum.html
 
Do you have an event that you would like to share with the group?  Let us know and we will add it to the list!

Important Regulation Deadlines
12/31/2011 - FFIEC Multifactor Authentication
http://www.ffiec.gov/press/pr062811.htm  
 
3/1/2012 - Mass Privacy Regulation Vendor Contract Requirements
http://www.mass.gov/ocabr/docs/idtheft/201cmr1700reg.pdf
 
Is there a regulation that you feel is pertinent to the group that we missed?  Please let us know!

If you would like to subscribe to this newsletter and receive it via email please contact Laura Lozada at llozada@wolfandco.com.