Home / Archives For Tom Turner

Tom Turner is CEO, BitSight.

The Need For Effective Third-Party Risk Management In Financial Services

In the last few years we have seen the frequency and severity of third-party cyberattacks against global financial institutions continue to increase. One of the biggest reported attacks against financial organisations occurred in early 2016, when $81 million was taken from accounts at Bangladesh Bank. Unknown hackers used SWIFT credentials of Bangladesh Central Bank employees to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York asking the bank to transfer millions of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia. The Bangladesh Bank managed to halt $850 million in other transactions, and a typo made by the hackers raised suspicions that prevented them from stealing the full $1 bil...

4 Reasons To Use Security Ratings Before Your Next Acquisition

For years, cybersecurity was considered a “check-the-box” discussion during the merger and acquisition (M&A) process. It was almost always examined to ensure there weren’t any glaring issues or major red flags—but due to limited time resources, or the ability to parse out qualitative responses during M&A from real performance, there wasn’t a great deal of importance placed on it. Very few transactions would be prevented due to cyber security practices today, however each M&A does require a financial business case created regardless. This may be as simple as assessing integration costs. You are probably aware of the security breach at luxury retailers, Saks Fifth Avenue and Lord & Taylor, that compromised payment card information for over 5 million customers. As a result, Hu...

Getting Buy-In From The Board: Advice For CIOs

IT and security conversations are moving away from the confines of remote IT departments and are finding their way to the top of boardroom agendas. As they do so, CIOs need to carefully consider the way they communicate with other senior executives if critical IT initiatives are to receive that all important buy-in from the Board.  In this article, I will offer guidance to CIOs who are required to obtain Board-level approval before implementing strategic IT projects. CIOs are in a unique position within the C-suite. Their expertise and guidance can have a direct impact on the future of an entire organisation. As a result, and quite rightly so, CIOs and security professionals have secured a more important seat at the top table. However, despite the fundamental importance of IT, many organis...