SME_INFOSEC: Why Banks skate on infosec?

http://gizmodo.com/heres-why-your-bank-account-is-less-secure-than-your-gm-1683777281

Here’s Why Your Bank Account Is Less Secure Than Your Gmail
Mario Aguilar
Yesterday 4:33pm

*** begin quote ***

In other words, the banks aren’t doing more because they don’t have to. And so as long as they maintain zero-loss guarantees against fraud, and the amount lost to fraud remains relatively small compared to their deep pockets, the banks won’t do anything more to protect you.

*** end quote ***

So while the end-user MAY not care — although the Banks could renege on their fraud guarantee — probably with help from the CoC, SEC, FED, FDIC, and DoJ — the IT professionals should care.

Remember ENRON?

After that, it was hard for finance folks to get a job with that on their resume.

I’d imagine it’s the same for an IT executive — or an infosec person — from Target now.

If you’re unable to meet your duties of care and loyalty to act in the best interests of the organization for WHATEVER reason, then you have a duty to resign.

When I was on Wall Street, I was always told that I couldn’t use “lack of funding to excuse failure” because I should have been able to convince higher-ups about the need.

So too, professionals have a similar duty.

— 30 —