The Heartbleed vulnerability was a massive wake-up call to the entire business eco-system of the internet – particularly the financial services industry, which transacts billions of dollars every day over internet servers. While many organizations were not compromised by it, some experts feel that the full damage has yet to materialize. What are the lessons from this episode and what more needs to be done? Spire was invited to share its comments in FST Media. Heartbleed was one of the biggest security flaws to hit the internet; open ing doors to the theft of servers’ private keys as well as users’ session cookies and passwords. While some financial services firms felt that escalating innovations had led to “new, previously unthought-of risk scenarios”, others reiterated that much effort had already been put in to ensure that all the relevant risk scenarios had been thoroughly assessed. Banks were also encouraging customers to change passwords regularly and not reuse the same ...