RE: Any banking security best practices and survey information?

["ricci" <ricci () cs ust hk>]

Hello FC,

Thx for your advise.

In fact, what I want to know is the general security best practices for
banking industry. Cause I have already explored those specific regulations
about banking, but those are specific, but I want to know is the general
best practices how those regulations were based on.

Please advise.

Thx.

Ricci

-----Original Message-----
From: Fred Cohen [mailto:fred.cohen () all net]
Sent: Saturday, October 29, 2005 3:05 AM
To: ricci () cs ust hk
Cc: security-basics () securityfocus com
Subject: Re: Any banking security best practices and survey information?


Lots of regulations about banking in this context. If you are
involved in providing information to banks on security issues, how
come you don't already know the information about what regulations
apply? I ask this question because I am deeply concerned about people
putting themselves forth as experts when they are not experts.

FC

On Oct 27, 2005, at 6:00 PM, ricci wrote:

> Hello All,
>
> I'm involved in a banking security advisory services. Other than
> BS7799,
> CoBIT, ISO13569 as well as local security guidelines, is there any
> other
> applicable standards?
>
> In addition, is there any survey information on IT security aspects
> for
> banking industry?
>
> Please advise, Thx
>
> Ricci

-- This communication is confidential to the parties it is intended
to serve --
Security Posture            securityposture.com          tel/fax
University of New Haven               unhca.com        925-454-0171
Fred Cohen & Associates                 all.net      572 Leona Drive
Security Management Partners    policygeeks.com    Livermore, CA 94550