What exactly is a user access review? In its simplest form, this review is a process that certifies that users’ (including vendors’) access within systems are appropriate and legitimate leveraging...

There’s been an interesting trend in the virtual CISO industry over the last several months. I've had conversations with three banks who were looking for a new virtual CISO due to their existing...

Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally released in 2018 and intended to be a resource to...

The worst time to develop an Incident Response Plan for dealing with a security incident is during an actual incident. It’s not a matter of “if” but “when” your organization will be the victim of a...

Last week, I had the chance to interview Wes Spencer, from FifthWall Solutions, on cryptocurrency in community banking. We’ve had so much good feedback from that webinar – if you didn’t get the...

“How long should a password be?” “Should passwords even be used any longer?” These are questions that organizations have been grappling with as we enter the end of 2022. Each day, we are seeing...

It’s common practice for financial institutions to outsource some or all of their Information Technology (IT) functions to a Managed Service Provider (MSP) to gain access to higher levels of...

We intend to change the way community banks manage cybersecurity. We intend to build an amazing company where our people can thrive. We intend to help those less fortunate than us. A while back, a...

Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains, which would make him one of the most productive...

A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this guidance is whether a data aggregator needs to be...