Welcome to blog 2 of our 3-part series featuring top recommendations to help financial institutions (FIs) navigate the impact of COVID-19 on their payment business. Last week’s blog shared tips to manage the surge in online and mobile banking transactions. This week, we’ll focus on card-not-present fraud. As we inch closer to June, the coronavirus continues to affect consumer purchasing behaviors – including an immense payments shift towards digital banking and e-commerce.

Regulatory compliance is continuously evolving, which makes it increasingly imperative that everyone involved in the Compliance Management System (CMS) understand their responsibilities. Various sectors mandate oversight, including healthcare, finance, and cybersecurity. It is also a foundational business practice to safeguard company reputation and demonstrate integrity to consumers and the public. Compliance management is a top-down system, like most workplace cultures and business processes.

A recent attack on a hospital in Brno, Czech Republic (a COVID-19 testing center)ehowed the extent to which weaknesses in a health center’s cybersecurity system can endanger the lives of patients. During this attack, patients had to be redirected to other hospitals and vital surgeries were postponed - all during a time in which vital testing needed to be carried out and releases needed to be sped up. A study published in the journal Technological Health Care by CS Kruse et al.

In the new normal, if your business has chosen remote operations, this might attract malicious actors. Hackers prey on the remote workforce whose vulnerability has increased in multifold ways. While infrastructural concerns, such as working outside the corporate IT network and using home Wi-Fi are inevitable, other issues, including using personal devices and retaining privileges to access more than required business resources add to the magnitude of this vulnerability.

The attack surface of your organization is the total number of attack vectors that could be used as an entry point to launch a cyberattack or gain unauthorized access to sensitive data. This could include vulnerabilities in your people, physical, network, or software environments. In simple terms, your attack surface is all the gaps in your security controls that could be exploited or avoided by an attacker.

This new world is putting a strain on organizations’ digital security defenses. First, malicious actors are increasingly leveraging coronavirus 2019 (COVID-19) as a theme to target organizations and to prey upon the fears of their employees. Our weekly COVID-19 scam roundups have made this reality clear. Second, organizations are working to mitigate the risks associated with suddenly having a large remote workforce.

In an earlier blog, Collaboration in the Modern Biotech Era, we explored the scope, dynamics, and complexity of collaboration in modern biotech and how “…these external partnerships have made the life sciences industry more distributed, networked, and collaborative than ever before.” But data security, integrity, structure, and storage present a number of concerns that need to be addressed to strengthen your GxP compliance envelope when working with external partners.

We all know about hacking and hackers, but what about hacktivism and hacktivists? In this article, we will discuss what hacktivism is and how it can affect your organization. Hackers and the act of hacking found their way into mainstream long ago, with the help of high budget films and our increasing use of technology in almost every aspect of our lives. That is why almost everyone knows what hacking is and who a hacker is.

The energy industry used to operate on a simple hub-and-spoke model, in which large power plants would produce energy in a centralized location and distribute it out to consumers. Yet as solar, wind, and other small-scale renewable energy sources take hold in the market, that hub-and-spoke model is being replaced by a complex grid of interconnected devices.

Assessing the cybersecurity risk posed by third-party vendors and service providers is time-consuming, operationally complex, and often riddled with errors. You need to keep track of requests you send out, chase up vendors who haven't answered, and ensure that when they do they answer in a timely and accurate manner.