3 min read
For years, having long and complex passwords has been ingrained in us as a requirement, so it may seem strange to consider eliminating passwords altogether. But you should, and here is why: Passwords are vulnerable.
Read More
3 min read
Most ransomware gangs gain their foothold in an organization by taking advantage of at least one vulnerability. The vulnerability may be on a user...
2 min read
When the Dodd-Frank Act was passed in 2010, it included Section 1033. This section required the Consumer Financial Protection Bureau (CFPB) to create...
2 min read
I have a lot of passion for my role as a Virtual Chief Information Security Officer (vCISO) for financial institutions, and I am always happy to tell...
2 min read
In late August, the FFIEC announced that they would sunset the Cybersecurity Assessment Tool (the “CAT”) on August 31, 2025. It had been apparent for...
2 min read
When we first start working with new institutions, it is not unusual for us to see them struggling because they have focused their efforts on...
2 min read
In December 2023 the US Justice Department announced that they had disrupted operations of ALPHV/Blackcat, a ransomware group that was responsible...
2 min read
There have been multiple consent orders issued recently which have made it clear that regulators are starting to enforce new third-party risk...
3 min read
Every institution should have an internal penetration test performed annually. The goal of the penetration test is for the tester to try to gain...
