Business Email Compromise: Attacks Immune to Multi-Factor Authentication

by Stephanie Goetz | Jul 21, 2023

They’ve come back around…those business email compromises, which were all too common in the late 2010s. Unfortunately, we have seen many of these in recent weeks, even with multi-factor...

Helping Board Members Sleep at Night

by Brian Petzold | Jul 14, 2023

If you are a board member of a bank or credit union, how do you know that the cybersecurity program of the organization is being managed effectively? I often try to put myself into the shoes of a...

“Banking” on Zero Trust: An Essential Shift in Cybersecurity

by Tony Bushong | Jul 7, 2023

Ever heard Rick Howard's analogy of networks being like M&M candies? Imagine a hard exterior shell but with a soft, less secure core. Traditional network security has been all about hardening the...

Cloud Security Challenges

by Vance Monical | Jun 30, 2023

As financial institutions increasingly embrace the benefits of cloud computing, the importance of cloud security cannot be understated. While the cloud offers numerous advantages, such as...

Addressing the MOVEit Vulnerability: Actions for Financial Institutions

by Trisha Durkin | Jun 23, 2023

Financial institutions rely on numerous third-party providers to support their operations and deliver essential services. However, these partnerships can introduce additional cybersecurity risks,...

Reviewing the New Interagency Third-Party Risk Management Guidance

by Brian Petzold | Jun 9, 2023

On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing OCC guidance from 2013 and 2020, calls for a...

Password Reuse

by Vance Monical | Jun 2, 2023

Today, I want to discuss a topic that often goes unnoticed but can have far-reaching consequences: password reuse. In this fast-paced digital age, convenience plays a significant role in our daily...

5 Steps to Utilizing Key Controls

by Chris Bedel | May 26, 2023

Recently we’ve received a number of requests for “Key Controls” from auditors or examiners for the financial institutions we work with. Fortunately, for those that have our Risk Management module,...

Insider Cybersecurity Threats: What Financial Institutions Need to Know

by Trisha Durkin | May 19, 2023

Community financial institutions face a wide range of cybersecurity threats, but one of the most concerning is insider threats. Insider threats refer to employees or contractors who intentionally or...

What Does it Mean to be Independent and Qualified?

by Chris Bedel | May 16, 2023

In today's video, we're going to explain what it means to be independent and qualified and why it's so important for an ISO or CISO to be both. {% video_player "embed_player" overrideable=False,...

Want these articles delivered weekly to your inbox? Subscribe to our Newsletter!

Recent Posts

Stay in the Loop!