They’ve come back around…those business email compromises, which were all too common in the late 2010s. Unfortunately, we have seen many of these in recent weeks, even with multi-factor...

Since the pandemic and the rise of work at home, we have become very familiar with Multi-Factor Authentication (MFA). Typically, this is implemented as a One-Time Password (OTP) delivered via an...

A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing the business requirements, controls, and...

Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally released in 2018 and intended to be a resource to...

Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains, which would make him one of the most productive...

We have many institutions either going through or coming out of a large amount of change. It seems like there’s always some new guidance, product, or environmental change we find ourselves up...

While the definition of a partner is fairly broad, its principles apply to a very broad spectrum of relationships. In the cybersecurity realm, this can apply to any third-party relationship such as...

News this week brought us word of something very disappointing, a breach in a large player in the identity services company, Okta. If I’m being 100% honest here, it was an unfortunate eventuality...

This week the threat from Russia to the Ukraine has turned to reality. The attack was preceded by cyber threats probably long before the physical threat was known. It most likely began with the same...

Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or outside an organization. Examples of APIs you may...