https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2200#M224 Timing of article is spot on for me. I had an interview 48 hrs ago for this exact thing in the financial industry. Ensuring security is built in to apps from beginning instead of wrapped around when deployed. This has been a huge issue in my line of work, making me very unpopular with coworkers and PMs. Oh well, some folks are late learners. Sun, 29 Oct 2017 20:54:11 GMT Spellsmom 2017-10-29T20:54:11Z https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2131#M213 <P>Check out this article from DarkReading about attacks on web applications in the financial services industry.</P><P>&nbsp;</P><P><A title="Web Attacks Spike in Financial Industry" href="https://www.darkreading.com/application-security/web-attacks-spike-in-financial-industry-/d/d-id/1330252" target="_self">Web Attacks Spike in Financial Industry</A></P> Sun, 29 Oct 2017 18:48:01 GMT https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2131#M213 WorkingTechSTL 2017-10-29T18:48:01Z https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2137#M216 Hi,<BR /><BR />Quite an interesting read and really shows you where people are looking nowadays to breach companies that hold sensitive data.<BR />Due to such wide notice that passwords just be secure, guessing passwords is no longer really worth anyone's time as you would need some serious kit to crunch the numbers and get to a point in which a password can be viewed.<BR />I think it's also easier for the people out their to do a quick scan of a website, view the version of applications they are using whether it be apache or SQL.<BR />A quick Google search later, I'm sure that a list of known vulnerabilities would be brought up and then it's game on.<BR /><BR />Great article and really shows light on where administrators need to focus on patching and updating public facing systems<BR /><BR />Thanks<BR />Sam Sun, 29 Oct 2017 19:02:17 GMT https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2137#M216 shall1569 2017-10-29T19:02:17Z https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2167#M221 Security of web applications depends upon developers and organizations too who install IPS. However, again basic stuff is same, human element. The one who develops the application, updates the IPS and uses the machine r humans, so if we really want to mitigate risk of occurring cyber threats, we require strong internal controls and their adequate and effective implementation and regular monitoring for improvements.<BR /><BR />This will definitely help to reduce the occurrance of adverse incidences.<BR /><BR />Regards,<BR />Gargi Akolkar<BR />( Bcom, CA, PGD in Cyber Security, Cyber Forensics, Cyber Laws and Cyber Crimes, Certified in Forensic Accounting and Fraud Investigation) Sun, 29 Oct 2017 19:51:57 GMT https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2167#M221 G08 2017-10-29T19:51:57Z https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2200#M224 Timing of article is spot on for me. I had an interview 48 hrs ago for this exact thing in the financial industry. Ensuring security is built in to apps from beginning instead of wrapped around when deployed. This has been a huge issue in my line of work, making me very unpopular with coworkers and PMs. Oh well, some folks are late learners. Sun, 29 Oct 2017 20:54:11 GMT https://community.isc2.org/t5/Industry-News/Web-Attacks-Spike-in-Financial-Industry/m-p/2200#M224 Spellsmom 2017-10-29T20:54:11Z