Risk Management

Analysis of Equifax communication on 15th September, 2017

Intro On 15th September, 2017, Equifax released the details of the security incident.  Having gone through it, some questions and comments on the statements made in the article. Timeline “Chief Information Officer and Chief Security Officer are retiring” – Good call, CSO should always be someone how has information security background. Russ Ayres the new CSO …

Analysis of Equifax communication on 15th September, 2017 Read More »

The Wall Street Journal.: Wealth Adviser Daily Briefing: Raymond James Fined $17 Million for Anti-Money-Laundering Lapses

Ideal example if risk management.  Most organizations are taking this approach where the calculate risk vs reeard and plow through. Even after paying the fines the probably made much more and the fines were already accounted in their P&L analysis The Wall Street Journal.: Wealth Adviser Daily Briefing: Raymond James Fined $17 Million for Anti-Money-Laundering …

The Wall Street Journal.: Wealth Adviser Daily Briefing: Raymond James Fined $17 Million for Anti-Money-Laundering Lapses Read More »

PCI Standards Security Council extends the SSL/TLS migration date to June 2018

Finally PCI Standards Security Council is finally realizing how much of an issue it is for organizations to migrate to new standards.  If they stood by their initial deadline, everybody would have been non-compliant. Organizations have to procure funding before embarking on this task, and in this landscape, capital is in short supply. Source: Migrating_from_SSL_and_Early_TLS_-v12.pdf