Banking Information Security Podcast

Cybersecurity is the buzzword these days, and in terms of education ... Carnegie Mellon University is all over it, and has been for nearly a decade. In an exclusive interview, Pradeep Khosla, dean of the College of Engineering at Carnegie Mellon, discusses: The school's current cybersecurity programs; Hot career opportunities for graduates; Advice for those looking to start or jump-start a cybersecurity career. Khosla is currently Dean of the College of Engineering and the Philip and Marsha Dowd University Professor at Carnegie Mellon. His previous positions include: Founding Director, Carnegie Mellon CyLab; Head, Department of Electrical and Computer Engineering; Director, Information Networking Institute; Founding Director, Institute for Complex Engineered Systems (ICES); and Program Manager, Defense Advanced Research Projects Agency (DARPA), where he managed a $50M portfolio of programs in real-time systems, internet enabled software infrastructure, intelligent systems, and distributed systems.

Identity theft is a growing concern for governments, businesses and citizens alike. "We're in the middle of a national identity crisis," says Neville Pattinson, VP of Government Affairs & Standards, NA., Gemalto. In an exclusive interview, Pattinson discusses: The case for credentialing; Practical applications of credentialing in the government and healthcare industries - and how other industries can benefit; Good first steps toward secure, effective solutions. Pattinson is a leading expert on smart cards and using the microprocessor chip to keep identity credential data and biometrics secure and private. Pattinson has been heavily involved in planning and implementing a number of federal government security initiatives including the Department of Defense Common Access Card (CAC); the State Department's electronic passport; the Western Hemisphere Travel Initiative cards; the Department of Transportation's Transportation Worker Identity Credential (TWIC) and the Transportation Security Administration's Regis

Safety and soundness are issues for financial institutions of all sizes, including federally-regulated credit unions. But basic information security is also a challenge - especially for smaller, under-resourced institutions, says John Kutchey, deputy director of the National Credit Union Administration's (NCUA) Office of Examination and Insurance. In an exclusive interview, Kutchey discusses: Top regulatory issues for U.S. credit unions; Information security challenges that must be addressed; Key areas of focus for the NCUA looking ahead to 2009. Kutchey was appointed to his current position in September 2008. As deputy director, Kutchey assists the E&I director to oversee the agency's supervision and examination program, risk management and data collection programs. Kutchey comes to the position after serving as director of Risk Management within E&I. Kutchey joined NCUA in 1990 as an examiner in Baltimore, Md. During his NCUA career, Kutchey has held numerous positions -- problem case officer, superv

Interview with Prof. N. Paul Schembari, East Stroudsburg University Information security - it's now a major national priority, and it's also the subject of a new Master's of Science program at East Stroudsburg University. This unique, online graduate program debuts on Aug. 31, and in an exclusive interview ESU professor N. Paul Schembari discusses: The program's unique characteristics; Educational and career opportunities for prospective students; How to quickly take steps toward enrollment.

Interview with Tim Karsky, Commissioner, Dept. of Financial Institutions For institutions of all sizes, information security is a top priority at North Dakota banking institutions. But the smaller ones struggle to dedicate sufficient resources to the task, says Tim Karsky, Commissioner of the ND Dept. of Financial Institutions. In a discussion of his agency's top priorities, Karsky discusses: Ramifications of the Supreme Court's recent Cuomo v. ClearingHouse decision; Information security strengths and weaknesses of ND institutions; The focus for banking/security leaders heading into 2010. Karsky is a North Dakota native with an extensive background in the financial industry. He began his banking career with the Federal Deposit Insurance Corporation in January 1982, and joined the Department of Banking and Financial Institutions in the fall of 1986 as Chief Examiner. In 1989, Karsky was appointed Assistant Commissioner for the Department. He served in that capacity until 1997, when he moved into a new ro

Unemployment is up, the economy is weak, and Kentucky's banking institutions are working hard to overcome these challenges and stay strong. In the first of a series of interviews with state regulatory leaders, Charles Vice, Commissioner of the Kentucky Department of Financial Institutions, discusses: Kentucky's unique banking challenges; Regulatory priorities for the state's institutions; Areas banking/security leaders must focus on headed into 2010. Vice was appointed commissioner of the Department of Financial Institutions (DFI) effective Aug. 16, 2008. As the commissioner of DFI, Vice has responsibility for the regulatory oversight of all state-chartered financial institutions, which includes examinations, licensing of financial professionals, registration of securities and enforcement. Vice was a bank examiner for the Federal Deposit Insurance Corporation (FDIC) for 18 years, serving the Lexington field office. During his tenure with FDIC, Vice served as the office's expert on subprime lending and cap

The ex-Goldman Sachs employee accused of taking proprietary trading code is only one example of the insider threat within financial services companies. Jacob Jegher, banking analyst with Celent, discusses: Lessons learned from the Goldman Sachs case; The importance of policies and procedures when it comes to thwarting the insider threat; What role technology plays in stopping internal fraud. Jegher, based in Montreal, Canada, is a senior analyst within Celent's banking group. His research focuses on emerging technologies and business strategies in retail and wholesale banking. His areas of expertise include online banking (retail, small business, and corporate cash management), social media, IT security, and customer relationship management and strategy. He is the primary author of Celent's annual global IT spending report, as well as the banking CIO survey and model bank report. Celent is an international research and consulting firm focused on the application of information technology in the global fin

There won't be any time for planning, only action, when the H1N1 (swine flu) virus returns to the U.S. this fall, says business continuity planning expert Harry Rhulen. In an exclusive interview, Rhulen discusses: Why "checkbox" compliance and planning aren't enough; What's happening in the southern hemisphere and what it will mean later this fall for the U.S.; Major human resource issues that still must be addressed. Rhulen is Chairman and CEO of Firestorm Solutions, a BCP and disaster recovery consulting firm based in Denver, CO. He is also co-author of the book "Disaster Ready People For A Disaster Ready America." Two additional books will be published this year on pandemic planning: "The Pandemic Scam -Why Plan?" and "Luck is Not a Strategic Plan."

Has the pendulum finally swung back to protect consumers and their rights in the financial services industry? Consumer protection advocacy lawyer Lauren Saunders from the National Consumer Law Center in Washington D.C. shares her insights on the recent Supreme Court decision, Cuomo v. ClearingHouse. This decision will allow states to enforce fair-lending laws and other consumer protection measures against the nation's biggest banks. Listen to this podcast as Saunders describes: What does this mean for the national banks; How will this affect banks when it comes to fair lending laws and state enforcement and what are its shortcomings; Why the swing back toward consumer protection means the real debate begins in Washington Saunders is the Managing Attorney of the National Consumer Law Center's Washington, DC, office, where she handles legislative, administrative and other advocacy efforts in the financial services area. She previously directed the Federal Rights Project of the National Senior Citizens Law

A veteran cybersecurity pro, Shane Sims shares his insights on trends he's seeing as cybercrime continues to hit all companies, including financial institutions. Sims is currently a Director in the Forensic Services practice at PricewaterhouseCoopers, where he provides investigative, forensic technology, security incident response and cyber security services to commercial and government clients. He is a former FBI Supervisory Special Agent who specialized in cybercrime, digital evidence, computer exploitation, and network surveillance. Listen to this podcast and hear Sims insights on: Who's hitting financial institutions with cybercrime activities; Why just having an incident response plan isn't enough; What needs to happen and (what shouldn't be done) when a breach occurs.

Information assurance is what everyone is talking about these days, and the term is strongly associated with "excellence" at the University of Dallas. Listen to Dr. Brett J.L. Landry, Director of the school's Center for Academic Excellence, Information Assurance, discuss: What make's the school's program unique; How students maximize their education; The future of information assurance education. Landry is the Ellis Endowed Chair of Technology Management, Associate Professor and Director of the Center for Academic Excellence in Information Assurance at the University of Dallas. He joined the University of Dallas in the fall of 2006, following six years of teaching at the University of New Orleans. He has worked in network security and design in the private and public sector and earned his Ph.D. from Mississippi State University. Landry has published numerous journal articles on Information Technology in the ACM Journal of Educational Resources in Computing (JERIC), Communications of the ACM (CACM), Dec

Michael E. Fryzel, Chairman of the National Credit Union Administration (NCUA), has proposed a new Consumer Protection Office within the credit union regulatory agency. In an exclusive interview, Fryzel discusses: Details of his proposed Consumer Protection Office; Timeline for discussion and possible adoption of this proposal; Top regulatory and information security issues facing credit unions for the remainder of 2009. Fryzel was sworn into office as Chairman of the NCUA on July 29, 2008. President George W. Bush nominated Mr. Fryzel to the NCUA Board on November 30, 2007, and his nomination was confirmed by the U.S. Senate June 26, 2008. The NCUA Board consists of three members appointed by the President and confirmed by the Senate to regulate all federally-chartered credit unions and administer the federal fund insuring member accounts in approximately 8,000 credit unions nationwide. Prior to his NCUA service, Fryzel was an attorney in private practice specializing in financial, regulatory and real es

Risk management is a common theme across and within businesses, and at North Carolina State University the Enterprise Risk Management (ERM) program is attracting notice from prospective employers and students alike. Mark Beasley, head of the school's ERM initiative, discusses: What makes the program unique; The types of students entering and graduated from the initiative; How to approach a career in ERM. Beasley is the Deloitte Professor of Enterprise Risk Management at the College of Management at North Carolina State University in Raleigh, North Carolina. The Enterprise Risk Management (ERM) Initiative at NC State provides thought leadership about ERM practices and their integration with strategy and corporate governance. As founding director, Dr. Beasley leads the ERM Initiative's efforts to help pioneer the development of this emergent discipline through outreach to business professionals, with its ongoing ERM Roundtable Series and ERM Executive Education for boards and senior executives; research, a

With the U.S. Supreme Court's ruling on Cuomo v. ClearingHouse, the door is now wide open for state attorneys general to step in and monitor regulatory compliance at national banks. And according to Gregory Taylor, VP and associate general counsel at the American Bankers Association, this new scrutiny could come soon. Taylor discusses: ABA's stance in favor of the OCC in Cuomo v. ClearingHouse; The ramifications of the Supreme Court's decision; What banks should expect next. Prior to joining the ABA in 2004, Taylor handled high-profile litigation and enforcement matters for the FDIC and the OCC. He is currently responsible for the ABA's amicus efforts on behalf of the banking industry.

As credit union members become more tech-savvy, their expectations increase - for banking services and information security alike. Kris VanBeek, SVP of Information Systems at Digital Federal Credit Union, discusses: His institution's top information security concerns; The members' concerns; ID Theft Red Flags Rule compliance; Major agenda items to address during the second half of 2009. VanBeek is a banking/security leader with deep experience in banking and regulatory compliance. Prior to joining DCU five years ago, he spent time as a supervisory manager at the Federal Reserve Bank of Boston; data center manager at Fiserv; senior IT specialist and examiner with the Federal Deposit Insurance Corporation. Digital Federal Credit Union is a not-for-profit financial cooperative owned by and operated for its members. DCU was chartered in October of 1979. DCU serves more than 350,000 members and their families in all 50 states. DCU is the largest credit union headquartered in New England as measured by asse

How strongly do consumers embrace electronic bill payments, and do they really want mobile banking as much as industry analysts say they do? These were the questions on Dennis Simmons' mind when his trade organization, SWACHA, the electronics payments resource, launched a recent survey on consumer usage of electronic payments. In an exclusive interview, Simmons discusses: Survey results and their message to banking institutions; Payment/security threats currently menacing the financial services industry; Ways institutions can help vulnerable businesses fight fraud. Simmons has over 20 years experience as the senior operations officer of several Dallas area banks. A frequent speaker and recognized expert on payments system issues, he is currently a member of the Board of NACHA, the immediate Past Chair of NACHA's Electronic Check Council and immediate past Co-Chair of NACHA's Risk Management Advisory Group. He was recognized by Transaction World as one of its 2007 "Movers and Shakers" in the payments busin

Vendor Management: Banking/security leaders all know they need to get a better handle on it - but how? Charlie Miller, former director of vendor governance at Merrill Lynch, offers his insight on improving vendor management, including: The biggest challenges facing banking institutions; Where to start the improvement process; The BITS Shared Assessments Program, and how institutions of all sizes can benefit from it. Miller provides advisory consulting services in the areas of outsourcing, privacy, information security and business continuity. He brings more than 20 years of experience in financial services, focusing on governance, risk and control. While at Merrill Lynch, Miller held key positions in the design and implementation of major global initiatives, including privacy and incident response, information leakage and data protection.

The Heartland Payment Systems (HPY) data breach came as an unpleasant surprise to many financial institutions and their customers in early 2009. What are the threats we should eye as we look ahead to 2010? In an exclusive interview, Bryan Sartin of Verizon Business, discusses the company's exhaustive research of data breaches, offering insight on: Breach trends that financial institutions should watch; Where institutions are most vulnerable; Security strategies and technologies that are most effective. Sartin heads up the investigative response team at Verizon Business. As a senior forensics examiner, he has taken the lead in many high-profile data compromise investigations in the Americas, Europe, and Asia-Pacific. In addition, Sartin is well-versed in both criminal and civil computer forensic procedures, is a certified expert witness, and is a frequent course instructor and speaker on the topics of incident response planning, computer forensics and regulatory compliance.

Audit and enterprise risk - they're inextricably linked. As cyber threats grow - from the inside and out - require organizations and their regulators to pay closer attention to technology and information security. What are some of the key audit and risk trends to track? David Melnick of Deloitte answers that question in an interview focusing on: Top challenges for financial institutions and government agencies; Successful strategies being deployed to mitigate threats; Trends organizations should track as they eye 2010. Melnick is a principal in security and privacy services within the audit and enterprise risk services practice in the Los Angeles office of Deloitte and brings more than 17 years of experience designing, developing, managing and auditing large scale secure technology infrastructure. Melnick has authored several technology books and is a frequent speaker on the topics of security and electronic commerce.

President Obama on Wednesday spelled out the details of his long-awaited plan for financial services regulatory reform. In an exclusive interview, Christie Sciacca, formerly with the Federal Deposit Insurance Corporation, currently a director with LECG in Washington, D.C., discusses: The biggest news from Obama's plan; Where opposition is likely to emerge; What to expect next in the reform process. Sciacca spent 23 years at the FDIC, where he led examination, supervisory and bank rescue transaction projects in Detroit, New York, and Washington DC. From 1983-1986, Sciacca was Assistant to the Chairman, representing the Chairman on interagency matters, at bank trade association meetings and on all operational and policy matters. Sciacca served as the FDIC's representative on the Vice President's Task Group on the Regulation of Financial Services. In 1996, he returned to the FDIC to establish that agency's International Branch and from 1997-2002 served as the head of all supervisory policy, including domest