1 min read
Where to start?
If you are new to managing cybersecurity for a financial institution, I’m sure you’ll have a lot of questions. More specifically, “Where do I start?”
CISO as a service
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
1 min read
Effective User Access Reviews
What exactly is a user access review? In its simplest form, this review is a process that certifies that users’ (including vendors’) access within...
3 min read
How to Change Your Virtual CISO (or how to avoid it to begin with)
There’s been an interesting trend in the virtual CISO industry over the last several months.
2 min read
Tools to Check Out in the Cybersecurity Resource Guide
Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally...
1 min read
Preparing for a Security Incident
The worst time to develop an Incident Response Plan for dealing with a security incident is during an actual incident. It’s not a matter of “if” but...
4 min read
Does It Align With Our Mission?
We intend to change the way community banks manage cybersecurity. We intend to build an amazing company where our people can thrive. We intend to...
2 min read
Where Does Managing Aggregator Risk Belong?
A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...
1 min read
Checking the Box
I recently participated in an executive meeting at a bank where we discussed the real value of “checking the box” also known as the bare minimum,...