Safety concept: computer keyboard with Opened Padlock icon and word Cyber Crime on enter button background, 3d render Financial Institutions need to adjust their way of thinking when it comes...
Recent Posts
Several clients of mine have asked about adopting a threat information sharing policy to move towards baseline compliance in the FFIEC Cybersecurity Assessment Tool (CAT). And while most of those...
Because Cybersecurity is a business issue, not just an IT issue, the risk that it brings should be addressed by all areas of the financial institution. Right? While there is an increasing number of...
Incident Response testing is critical. A lot of banks are doing it, but some still aren't. It is required to achieve Baseline maturity in the 2015 FFIEC Cybersecurity Assessment Tool (D5.IR.Te.B.1...
It was during an incident response test with a client that this topic came up. The scenario was something like this: Ransomware infects several workstations including a critical shared drive on one...
The survey was conducted in January of 2016 by BankDirector.com where they asked executives and board members at 161 different financial institutions of various sizes a wide range of questions...
We are in the security business. So "SECURITY" should be in the name, right? When I first started on my own, I was a little afraid to get specific on the name of my business. I thought if I used the...
I love this article by Kevin Beaver on goals for your ISP. Although it's already the end of March, it is applicable at any time of the year because it discusses: Focusing on continuous improvement...
What is a Virtual CISO (vCISO)? Keeping your information security and cybersecurity programs up to snuff can be difficult for community banks. Having the proper personnel to achieve that goal may be...
Ransomware is a very scary thing for community banks. I have a couple clients that have had to go toe-to-toe with it and were fortunate enough to have solid backups for recovery. Sophos wrote an...