Brian Petzold

1 min read

Regulators Becoming More Prescriptive

Brian Petzold: Dec 9, 2022

Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial Services Companies" law (also known as “23 NYCRR 500”). While the law only applies to organizations that...

Policy Information Security Program Regulation Risk Assessment NYCRR
Read More

2 min read

Self-Assessing Authentication & Access Risk

Brian Petzold: Nov 4, 2022

A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...

Threats Information Security Program Regulation Risk Assessment CISO Services vCISO Virtual CISO Banks Credit Unions FFIEC Access Access & Authentication CISO as a service Audit 3rd party Third-Party Passwords Access Reviews
Read More

3 min read

What Is A Strong Password in 2022?

Brian Petzold: Sep 2, 2022

Risk Threats CISO Information Security Program Regulation Controls CISO Services vCISO Virtual CISO Outsourced CISO MFA In-house CISO Banks Board of Directors Access & Authentication CISO as a service Exam Passwords
Read More

2 min read

Where Does Managing Aggregator Risk Belong?

Brian Petzold: Aug 5, 2022

A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...

Risk CISO Risk Assessment CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Access & Authentication CISO as a service
Read More

2 min read

Confessions of a Professional Worrier

Brian Petzold: Jul 8, 2022

A few weeks ago, in my life outside of cybersecurity, a person said to me: “You are always thinking three steps ahead of the rest of us”. I am not...

Risk CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More
Questions For Your Internet Banking Provider

1 min read

Questions You Should Be Asking Your Internet Banking Provider

Brian Petzold: Apr 21, 2022

Financial institutions are required to regularly assess the authentication controls, security layers, and monitoring of Internet Banking to prepare...

Risk Information Security Program Controls CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More

2 min read

MFA Enrollment Mistakes

Brian Petzold: Apr 8, 2022

Most financial institutions understand the importance of Multifactor Authentication (MFA) in keeping unauthorized parties from gaining access to user...

Risk Threats Policy CISO Information Security Program Remote Access CISO Services vCISO Virtual CISO Outsourced CISO MFA In-house CISO Banks Credit Unions Access
Read More

2 min read

Is Your Risk Assessment Authentication & Access Ready?

Brian Petzold: Jan 21, 2022

In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...

Risk Threats CISO Information Security Program CySPOT Regulation Controls Risk Assessment CISO Services Virtual CISO Outsourced CISO MFA In-house CISO Banks Credit Unions FFIEC Access Access & Authentication
Read More

2 min read

Backups vs. Retention

Brian Petzold: Nov 19, 2021

We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...

Risk Threats CISO Information Security Program Controls Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More

2 min read

Tricky Phish Testing

Brian Petzold: Oct 29, 2021

Phishing remains one of the top threats to organizations today. Every user regularly receives emails designed to trick them into clicking on a link,...

Risk Threats Training Policy Information Security Program CISO Services Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Ransomware
Read More
Prev 1 2 3 4 5 Next