Stephanie Goetz

2 min read

NIST Cybersecurity Framework 2.0 Draft Updates

Stephanie Goetz: Sep 8, 2023

The NIST Cybersecurity Framework (CSF) was initially developed in 2014 and was intended to be a living document, dependent on feedback from stakeholders. It was initially developed for critical infrastructure, such as hospitals and banking. It has...

Risk Banks NIST Cybersecurity Risk Management
Read More

2 min read

Business Email Compromise: Attacks Immune to Multi-Factor Authentication

Stephanie Goetz: Jul 21, 2023

They’ve come back around…those business email compromises, which were all too common in the late 2010s.

Threats Controls MFA Access Third-Party Passwords Email Key Control Multi-factor Authentication Business Email Compromise BEC
Read More

1 min read

Three Options to Implement Phish Resistant Multi-Factor Authentication

Stephanie Goetz: Mar 17, 2023

Since the pandemic and the rise of work at home, we have become very familiar with Multi-Factor Authentication (MFA). Typically, this is implemented...

Controls Remote Access MFA Banks Passwords
Read More

2 min read

Should Financial Institutions have a BISO Program?

Stephanie Goetz: Feb 17, 2023

A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing...

Information Security Program Governance Banks Credit Unions
Read More

2 min read

Tools to Check Out in the Cybersecurity Resource Guide

Stephanie Goetz: Oct 14, 2022

Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally...

Risk CISO Information Security Program CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions FFIEC Ransomware CISO as a service IT
Read More

2 min read

Charging Dr. Ransomware

Stephanie Goetz: Aug 12, 2022

Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains,...

Risk Cyber Law Risk Assessment Ransomware
Read More

3 min read

Change, Conflict and Culture

Stephanie Goetz: Jul 15, 2022

We have many institutions either going through or coming out of a large amount of change. It seems like there’s always some new guidance, product, or...

CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More

2 min read

What Does it Mean to be a Good Partner?

Stephanie Goetz: Apr 29, 2022

While the definition of a partner is fairly broad, its principles apply to a very broad spectrum of relationships. In the cybersecurity realm, this...

Information Security Program Vendor Management Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture Board of Directors
Read More

2 min read

What You Can do About the Okta Compromise

Stephanie Goetz: Mar 25, 2022

News this week brought us word of something very disappointing, a breach in a large player in the identity services company, Okta. If I’m being 100%...

Risk Threats Vulnerability and Patch Management CISO Information Security Program Regulation Controls CISO Services vCISO Virtual CISO Outsourced CISO MFA In-house CISO Banks Credit Unions Access & Authentication
Read More

2 min read

Russian Cyberthreats

Stephanie Goetz: Feb 25, 2022

This week the threat from Russia to the Ukraine has turned to reality. The attack was preceded by cyber threats probably long before the physical...

Risk Threats Vulnerability and Patch Management CISO Information Security Program Incident Response CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More
Prev 1 2 3 4 5 Next