Let's use our imaginations for a few minutes. Let's pretend that your leadership team is concerned about the financial fitness of your bank. Whether it was identified internally, whether examiners...
The What, Why, and How of Complementary User Entity Controls
by Trisha Durkin | Jan 13, 2023
Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we often see many institutions either not performing...
Discussions Triggered from the LastPass Breach
by Brian Petzold | Jan 6, 2023
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from LastPass here. Since the breach was publicized,...
Board Cyber Awareness
by Vance Monical | Dec 30, 2022
Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach Bliley Act (GLBA). It is meant to provide a summary...
Cyber Insurance is Broken. How Do We Fix it?
by Chris Bedel | Dec 23, 2022
I've been asked about the state of cyber insurance multiple times over the past couple of months. It started with a Q&A session at an emerging technology committee at one of the state banking...
Regulators Becoming More Prescriptive
by Brian Petzold | Dec 9, 2022
Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial Services Companies" law (also known as “23 NYCRR...
A Few Things We're Thankful For
by Laura Zeck | Nov 25, 2022
For this year's Thanksgiving Friday 5, the Bedel Security team all came together to share five things they are thankful for this holiday season. Chris Jesus Christ, our savior. My family. Being a...
Welcome to the Bedel Security Team Alex & Cory
by Laura Zeck | Nov 21, 2022
The Bedel Security Team is excited to welcome its two newest vCISO Specialists, Alex DeLuna and Cory Poupore! Alex began his career as a banking representative for five years with a corporate...
The Risk Based Audit
by Chris Bedel | Nov 17, 2022
We have a meeting every Monday morning to do a status update on each of the 40 financial institutions we serve as their virtual Information Security Officers. It’s an opportunity to solve unique...
Self-Assessing Authentication & Access Risk
by Brian Petzold | Nov 4, 2022
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since that time, Bedel Security has been taking the...