They’ve come back around…those business email compromises, which were all too common in the late 2010s. Unfortunately, we have seen many of these in recent weeks, even with multi-factor...
Business Email Compromise: Attacks Immune to Multi-Factor Authentication
by Stephanie Goetz | Jul 21, 2023
Helping Board Members Sleep at Night
by Brian Petzold | Jul 14, 2023
If you are a board member of a bank or credit union, how do you know that the cybersecurity program of the organization is being managed effectively? I often try to put myself into the shoes of a...
“Banking” on Zero Trust: An Essential Shift in Cybersecurity
by Tony Bushong | Jul 7, 2023
Ever heard Rick Howard's analogy of networks being like M&M candies? Imagine a hard exterior shell but with a soft, less secure core. Traditional network security has been all about hardening the...
Cloud Security Challenges
by Vance Monical | Jun 30, 2023
As financial institutions increasingly embrace the benefits of cloud computing, the importance of cloud security cannot be understated. While the cloud offers numerous advantages, such as...
Addressing the MOVEit Vulnerability: Actions for Financial Institutions
by Trisha Durkin | Jun 23, 2023
Financial institutions rely on numerous third-party providers to support their operations and deliver essential services. However, these partnerships can introduce additional cybersecurity risks,...
On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing OCC guidance from 2013 and 2020, calls for a...
Password Reuse
by Vance Monical | Jun 2, 2023
Today, I want to discuss a topic that often goes unnoticed but can have far-reaching consequences: password reuse. In this fast-paced digital age, convenience plays a significant role in our daily...
5 Steps to Utilizing Key Controls
by Chris Bedel | May 26, 2023
Recently we’ve received a number of requests for “Key Controls” from auditors or examiners for the financial institutions we work with. Fortunately, for those that have our Risk Management module,...
Insider Cybersecurity Threats: What Financial Institutions Need to Know
by Trisha Durkin | May 19, 2023
Community financial institutions face a wide range of cybersecurity threats, but one of the most concerning is insider threats. Insider threats refer to employees or contractors who intentionally or...
What Does it Mean to be Independent and Qualified?
by Chris Bedel | May 16, 2023
In today's video, we're going to explain what it means to be independent and qualified and why it's so important for an ISO or CISO to be both. {% video_player "embed_player" overrideable=False,...