Remix.run Logo
spydum 5 hours ago

I have bad news if you think banks are the pinnacle of cyber security practices...

Maybe some rare few are, but by and large they generally stink.

They tend to give that impression because they hire tons of auditors and panjandrum, to hassle their suppliers, but internally they are winging it like the rest of us.

antonvs 3 hours ago | parent [-]

The difference is that at bigger banks at least, they tend to throw more money at the problem. They'll have defense in depth with e.g. DMZs, proxies for ingress and egress, locked down workstations and browsers, etc., and a different team for each one of those domains.

So while the actual "on the ground" picture may look suboptimal at any given point, overall it does make for security that in practice is much better than average.

This is reflected in the actual security compromise statistics. Your money in a bank is a lot safer than, say, your credit card deals on file with many retailers.