According to Sergey Matveyev
Posted: Mon Feb 10, 2025 9:57 am
Developing the theme of the inevitability of punishment for information security violations, he reported the existence of a special unit in his bank that focuses on interaction with law enforcement agencies, helping them collect legally significant data necessary for investigating violations. He spoke about two recent investigations that ended with suspended sentences for the guilty parties. For educational purposes, this information was communicated to employees, and, according to Oleg Volkov, it affected them like an "exploding bomb", and periodic reminders of what happened continue to work along with other measures to improve information security literacy.
financial organizations are not always ready to "wash albania whatsapp data linen in public", and in cases of violations of rules and job descriptions by employees, they prefer not to bring the matter to court proceedings, limiting themselves to dismissing the guilty parties. Vyacheslav Kasimov believes that one of the significant reasons for such behavior is the costs that organizations bear during the investigation process. In addition, due to workload, and sometimes insufficient competence, law enforcement agencies are not always able to use the information provided to them by the affected organizations.
Sergey Matveyev believes that often a large number of prohibitions and restrictions do not help, but hinder monitoring of employees' compliance with information security policies. Thus, in his organization, the use of Scape and Telegram services in work processes is permitted. According to him, this helps the information security service to identify in advance the intentions of employees who are preparing to commit official crimes. The use of IP telephony, working through headsets, allows using their microphones as a tool for monitoring employee communication both with external subscribers and with each other.
financial organizations are not always ready to "wash albania whatsapp data linen in public", and in cases of violations of rules and job descriptions by employees, they prefer not to bring the matter to court proceedings, limiting themselves to dismissing the guilty parties. Vyacheslav Kasimov believes that one of the significant reasons for such behavior is the costs that organizations bear during the investigation process. In addition, due to workload, and sometimes insufficient competence, law enforcement agencies are not always able to use the information provided to them by the affected organizations.
Sergey Matveyev believes that often a large number of prohibitions and restrictions do not help, but hinder monitoring of employees' compliance with information security policies. Thus, in his organization, the use of Scape and Telegram services in work processes is permitted. According to him, this helps the information security service to identify in advance the intentions of employees who are preparing to commit official crimes. The use of IP telephony, working through headsets, allows using their microphones as a tool for monitoring employee communication both with external subscribers and with each other.