Information security programs are like onions. They have layers. Understanding the control layers of an information security program helps management of a financial institution stop seeing the...

Regulators expect that a financial institution will have a vulnerability scan performed by an independent third party at least annually. This scan normally occurs during the annual audit, with the...

Any seasoned IT pro can recount stories where seemingly insignificant components or very rare events brought down critical systems. Perhaps it was the failure of a core switch and its redundant twin...

When your institution needs to send a sensitive file to an outside party, how do you control what happens to that file? If you are like many, you may email it to them utilizing one of many email...

Researchers at IBM X-Force have noticed a new wave of email attacks using COVID-19 themes to target online banking credentials. These attacks use Malware called Sphinx, which is based on the Zeus...

As the COVID-19 virus was beginning to make more headlines two weeks ago, we published an article about pandemic planning to help institutions prepare. We continue to see an increased focus on...

Most institutions spend a lot of time and money guarding and monitoring their network perimeter and their internal networks against attackers. Firewalls, web filters, email filters, intrusion...

It is the third week of 2020, and already the year 2020 has brought two new major vulnerabilities and two new major threats that banks and credit unions should have on their radar. Let’s look at the...

2019 is now history, but many financial institutions are still dragging the ghosts of unfinished cybersecurity projects into the new year. New Years is a perfect time to resolve to get ahead of...

Institutions have known for quite some time that standard support for Windows 7 will be eliminated on January 14, 2020. Most institutions had plans in place to meet the support deadline, but some...