SBS enables client banks to have successful IT exams by guiding the bank through our..... more Our chief concern every day for our clients is what needs to be done to ensure successful IT..... more The SBS team is one of the largest teams of bank information security professionals..... more

Webinars

Please enter your email address to receive notifications for upcoming webinars.



New Services

CCBSP Security Program
CCBSP Forum


News and Events

4/10/13 MBA invites SBS to discuss ERM

SBS Senior Information Security Consultant, Chad Knutson, will be speaking on Enterprise Risk Management at Minnesota Bankers Operations and Technology Conference at the Arrowwood Conference Center in Alexandria, MN.

2/25/13 PACB - CCBSP Second chance to join

Due to some unfortunate weather conditions January 16th in Harrisburg, some people were not able to attend the first session of the CCBSP event. An additional date has been scheduled for February 25th in Harrisburg for those who were not able to attend and for other who wish to join. Please contact saundra@pacb.org for details and to sign up.

2/6/2013 ZDnet interviews SBS Consultant

Jon Waldman provides insight into the probability and impact of the data breach on community banks across the 18 state effected area. He encourages banks not take this breach lightly as it will likely result in an increase in attention towards community banks by the hacking community.

2/6/13 GSB Event “Understanding the Mysteries of Remote Deposit Capture”

Dr. Kevin Streff presents the Mysteries of Remote Deposit Capture. The act of taking a deposit has grown into a robust and complex process. The addition of Remote Deposit Capture (RDC) as a venue for financial institutions to take deposits increases the bank’s ability to reach more customers and brings efficiencies to the market. With these advantages comes the need to comply with federal regulations and mitigate risk.

1/15/13 PACB kicks off CCBSP Certification

In partnership with PACB, Secure Banking Solutions holds its first event related to the newly created Certified Community Bank Security Professional “CCBSP” certification in Pennsylvania. Approximately 34 bank employees attended the program which consists of 16 continuing credit hours divided into 4 classes throughout the year. This certification course covers the following key security controls required by regulations and examiners: Risk Management, Information Security Program, Third Party Management, Business Continuity, Incident Response, Security Awareness, Network Security, IT Audit. http://www.pacb.org/pacb-education/ccbsp/

12/1/12 SBS becomes member of ICBND

SBS is proud to announce it has become an associate member of Independent Community Bankers of North Dakota.

9/19/12 CCBSP Certification Announced

Secure Banking Solutions is proud to announce a new Information Security Certification program called “Certified Community Bank Security Professional”. The CCBSP certification is specially designed to benefit any professional working with Information Technology and Information Security who has a direct responsibility for information. Additionally, those who support these individuals or serve on IT or Audit Committees can expand their understanding of security and to help direct their institution’s activities in improving their security program. For more information regarding the CCBSP endorsement, please contact Cha Knutson at (605) 480-3366 or chad@protectmybank.com.

10/1/11 PACB Endorses SBS

Secure Banking Solutions is proud to announce that the Pennsylvania Association of Community Bankers (PACB) has endorsed SBS as a preferred consulting provider for its member banks. PACB understands the importance of a partnership with an organization that understands good security in community banking and who can drive real business value to PACB members while providing regulatory compliance solutions. This alliance allows community banks in Pennsylvania to receive discounted pricing on all SBS products and services. For more information regarding the PACB endorsement, TRAC, and the many services provided by SBS, please contact Nick Podhradsky at (605) 770-3926 or nick@protectmybank.com.

1/1/11 VACB Endorses TRAC

Secure Banking Solutions is proud to announce that the Virginia Association of Community Banks (VACB) has endorsed TRAC™ as a preferred product for its member banks. VACB recognizes the need for a strong company that offers an economical product to assist community banks with an automated compliance solution that includes IT risk assessment, ISP policy generation, and vendor due diligence and oversight. For more information regarding the VACB endorsement or TRAC products in Virginia, please contact Nick Podhradsky at (605) 770-3926 or nick@protectmybank.com.

8/15/11 Dr. Streff conducts GSB Technology School

SBS founder Dr. Streff and network security experts, Dr. Engebretson and Dr. Pauli, taught the Bank Technology Management School, a one-week Graduate School of Banking (GSB) program, which included practical, hands-on labs that allowed students to apply learned concepts in real-world situations. This applied learning is a key benefit of participating in GSB courses and provides skills and tools you can put to use immediately at your bank.

Dakota State University (DSU) and GSB at University of Wisconsin-Madison have collaborated to create the Bank Technology Management School. Dr. Kevin Streff, faculty and director of the National Center for the Protection of the Financial Infrastructure at DSU, led the effort at DSU along with Kirby Davidson, president and CEO of GSB.

8/4/11 Dr. Streff trains 250 federal regulators

Following Dr. Streff’s testimony in front of the U.S. Senate Banking Committee in June, the Federal Reserve requested Dr. Streff provide additional training to its examiners. On Thursday, August 4, 2011, Dr. Streff spoke with 250 lead regulatory examiners regarding good risk management practices and common examination issues SBS has identified while working with 400 financial institutions in 40 states over the past six years.

8/1/11 Dr. Engebretson publishes Ethical Hacking Book

SBS Penetration Tester, Dakota State University Professor, and expert ethical hacker Dr. Pat Engebretson has published a new book titled “The Basics of Hacking and Penetration Testing”. Dr. Engebretson held a book signing to celebrate this recent publication at DefCon/Black Hat, a technical security conference, in Las Vegas. Both SBS lead Penetration Testers, Dr. Engebretson and Dr. Pauli were also featured presenters at the conference. For more information, please read:
http://www.dsu.edu/news/2011/eng-book-08-01.aspx
http://www.dsu.edu/news/2011/def-con-05-06.aspx

6/20/11 SBS Founder to Testify before Congress

MADISON, SD - Kevin Streff, Ph.D., founder of Secure Banking Solutions and Director of the National Center for the Protection of the Financial Infrastructure, will testify before congress Tuesday, June 21 in a hearing entitled “Cybersecurity and Data Governance in the Financial Services Sector.”

SBS Learns of Bank Executive Data Breach

Anonymous

February 4, 2013 SBS was notified of a large data breach containing data involving approximately 4,000 Bank Executives. The hacking group “Anonymous” has claimed responsibility for this incident and has posted it publicly on the internet. Early reports indicate that the publicized information was from the Federal Reserve’s Emergency Communications System (ECS). The leaked data contains sensitive information such as: first name, last name, address, city, state, bank name, primary email, secondary email, primary phone number, mobile phone number, username, hashed password, and public IP address. It is possible the scope of the breach is larger than publicized as Anonymous has threatened to release additional information.

For more information, reference the news sources below:

ZDNet Article

More News Articles

SBS suggests the following security steps to reduce the likeliness of fraud related to this breach:

  • Encourage key employees to change passwords, especially employees with access to funds transfer capabilities
  • Monitor for fraudulent financial transactions or abnormal activity
  • Review your Incident Response Procedures to ensure it is updated, and you are prepared in the event of a security incident or network attack (such as DDOS)
  • Notify your affected employees of their exposed information and advise them that Social Engineering scams (phishing or pretexting) may be likely
  • Ensure you have recently completed Security Awareness Training or Social Engineering Testing with your employees
  • Ensure you have recently completed a Vulnerability Assessment of your internal network as a preventative measure against phishing exploits or other malicious threats
  • Ensure you have recently completed a Penetration Test of your external IP addresses, as external IP addresses were included in this breach.

Read More