It goes without saying that 2009 will be the "Year of Lessons Learned" for banking. From lending changes to merger best practices, the past year has tested every facet of the banking professional's knowledge and capabilities - CIOs included. The demise of many institutions, especially regional banks where IT staff is limited in size and resources, has exposed a new set of vulnerabilities in the IT infrastructure. At a high-level, what we've learned is that a bank's network security is at its most vulnerable during the bank closure process.
Typically, a bank closure happens within a 48-hour period, during which the FDIC relieves management of its duties and begins forensic accounting analysis. Amidst this chaos, 100 to 200 new people - mostly forensic accountants - become active on the bank's network as the bank is transitioned into new ownership.