2 min read
In December 2023 the US Justice Department announced that they had disrupted operations of ALPHV/Blackcat, a ransomware group that was responsible for many of the most prolific attacks in 2023. ALPHV/Blackcat fought to continue their operations up...
Read More
2 min read
There have been multiple consent orders issued recently which have made it clear that regulators are starting to enforce new third-party risk...
3 min read
Every institution should have an internal penetration test performed annually. The goal of the penetration test is for the tester to try to gain...
2 min read
We are often asked what length passwords should be. The answer that we give in general is that we would like user passwords to be at least 14...
1 min read
As attackers are finding new ways to get around multifactor authentication in Microsoft 365, conditional access is becoming more important....
2 min read
On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing...
2 min read
All organizations have (or should have) a firewall that blocks unexpected communications from the Internet to internal network hosts. But what about...
2 min read
While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...
