Image is not available
InfraGard Indiana
Members Alliance

Read more about the Indiana InfraGard Chapter

>

Image is not available
InfraGard Indiana
Members Alliance

Assist with the InfraGard Mission to Learn, Respond, Protect, and Participate in the protection of critical infrastructure.

Image is not available
InfraGard Indiana
Members Alliance

Check out our events calendar.

>

Slider

How Can I Improve My Incident Response Plan?

Jenny Roland-Vlach, CISM, Compliance Analyst – Jack Henry & Associates Incident Response Plans have been a critical component for financial institutions (FIs) for quite some time now. The foundation was outlined as part of GLBA and guidance was later issued on the requirements for these response programs where customer information had been accessed. So, this raises the question, if Incident Response Plans have been a necessity for so long, why do so many FIs continue to have ineffective plans in [...]


Posted By Category: General, Financial ServicesComments: 0

3rd Annual Financial Services Conference

The 3rd Annual Financial Services sector conference is now in the past. We had a great time this year at the CNO Financial conference center! Our speakers from the Office of the Comptroller of Currency, SmithAmunsen Law Firm, and Pondurance provided us with some outstanding presentations on what to expect from Cloud providers of financial services. As we migrate many of our service lines from in-house systems on our servers over to vendor-provided Cloud solutions, we need to know [...]


What Do You Mean You Aren’t Testing Your Incident Response Plan?

Jenny Roland-Vlach, CISM, Compliance Analyst – Jack Henry & Associates As part of the Jack Henry & Associates Gladiator IT Regulatory Compliance group, I have had the opportunity to have some interesting conversations with customers, and I have noticed there is one topic in particular that seems to keep popping up: Incident Response Plan testing. The questions that I am most often asked regarding testing are the following: “We don’t test our Incident Response Plan, can we remove the section [...]


Bitcoin and Blockchain Technology

There has been a significant amount of news recently about Bitcoin and the fortunes that have been made and lost over the past few months. Bitcoin is going to have a profound impact upon the financial services industry. There is no question about that. The question is when your Board of Directors and Executive Leadership Team is going to be coming to you with questions about the technology that you’re going to have to explain in terms that they [...]


Network Patching and Code Signing

Introduction The recent Equifax breach has prompted a great deal of technical chatter regarding patching our systems. The staff in your IT department are intimately familiar with patch management regimens. There are legitimate reasons to delay patching (the Equifax incident was not supported by a legitimate reason not to apply the patch in question). In this blog segment, I’m going to present what the issues are to the non-technical reader so that you can better understand what is involved in [...]


Hacking Back

As an information security professional and digital forensic investigator, I’m often asked why I don’t pursue the people who are hacking us. There is a lot of political and journalistic attention being given to the concept of going after the bad guys who have been attacking our critical infrastructure, our voting systems, our banking wire systems, and even our personal information. The recent WikiLeaks Vault 7 releases of US government-created hacking tools, and their resulting malware (WannaCry, Petya, CherryBlossom, [...]


Posted By Category: Financial ServicesComments: 0

FFIEC Cybersecurity Assessment Tool

For those financial services organizations that fall under the watchful eye of the Office of the Comptroller of Currency (OCC), you’re probably at least passingly familiar with the Federal Financial Institutions Examination Council (FFIEC). The FFIEC developed a self-assessment tool to help institutions identify their vulnerabilities and determine their current state of cyber risk. The FFIEC recognized that financial institution Boards of Directors didn’t have a clear, understandable, and consistent vehicle for communicating the state of cyber-preparedness of the [...]


Posted By Category: Financial ServicesComments: 0

Introducing the Infragard Indiana Financial Services Sector Blog

Hello and welcome to the Indiana Infragard Financial Services sector blog. In this blog, we will be addressing some of the issues relating to the banking and financial services sector. There is a lot of information that is being presented to us from many directions. Trying to keep up with the FS-ISAC, the IN-ISAC, US-CERT, InfraGard, etc. can be a full-time job. I don’t plan to make this blog yet another alert system for telling you things that you’re [...]


Posted By Category: Financial ServicesComments: 0