1 min read
Where to start?
If you are new to managing cybersecurity for a financial institution, I’m sure you’ll have a lot of questions. More specifically, “Where do I start?”
Read More
2 min read
The Fiduciary Role of the CISO
A few months ago I was listening to a podcast. The business owner being interviewed wasn't in cybersecurity but had a consulting business. And he...
2 min read
Should Financial Institutions have a BISO Program?
A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing...
2 min read
The FDIC InTREX Gets Audited
While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...
2 min read
The 1 Thing You Can Do to Improve Your Cybersecurity Program
Let's use our imaginations for a few minutes.
1 min read
The What, Why, and How of Complementary User Entity Controls
Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we...
3 min read
Discussions Triggered from the LastPass Breach
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...
1 min read
Board Cyber Awareness
Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...
3 min read
Cyber Insurance is Broken. How Do We Fix it?
I've been asked about the state of cyber insurance multiple times over the past couple of months.
1 min read
Regulators Becoming More Prescriptive
Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial...