The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Governance

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

2 min read

In a World of Emerging Technology, One Truth Remains

Chris Bedel: Feb 28, 2025

Artificial intelligence, quantum computing, cryptocurrency, banking as a service - there’s no shortage of new technology shaking up the financial...

Information Security Program Controls Governance Risk Assessment Audit Risk Management
Read More

2 min read

Ruminations on the New Dodd-Frank Section 1033 Rule

Brian Petzold: Dec 19, 2024

When the Dodd-Frank Act was passed in 2010, it included Section 1033. This section required the Consumer Financial Protection Bureau (CFPB) to create...

Regulation Governance Third-Party Standard Section 1033 rule Dodd-Frank CFPB
Read More

2 min read

Demystifying Policy, Procedures, and Standards: Understanding the Differences Matters

Trisha Durkin: Aug 4, 2023

In every aspect of life, from managing a company to navigating through traffic, guidelines play a crucial role in maintaining order and achieving...

Policy Information Security Program Governance Standard Procedure
Read More

2 min read

Should Financial Institutions have a BISO Program?

Stephanie Goetz: Feb 17, 2023

A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing...

Information Security Program Governance Banks Credit Unions
Read More

2 min read

The FDIC InTREX Gets Audited

Brian Petzold: Feb 10, 2023

While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...

Policy Controls Governance FFIEC Access & Authentication Audit Exam GLBA
Read More

1 min read

Outsourcing IT

Vance Monical: Aug 26, 2022

It’s common practice for financial institutions to outsource some or all of their Information Technology (IT) functions to a Managed Service Provider...

Vendor Management Governance Banks IT Outsourcing 3rd party Third-Party
Read More

3 min read

Change, Conflict and Culture

Stephanie Goetz: Jul 15, 2022

We have many institutions either going through or coming out of a large amount of change. It seems like there’s always some new guidance, product, or...

CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More

2 min read

Confessions of a Professional Worrier

Brian Petzold: Jul 8, 2022

A few weeks ago, in my life outside of cybersecurity, a person said to me: “You are always thinking three steps ahead of the rest of us”. I am not...

Risk CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More

2 min read

What Does it Mean to be a Good Partner?

Stephanie Goetz: Apr 29, 2022

While the definition of a partner is fairly broad, its principles apply to a very broad spectrum of relationships. In the cybersecurity realm, this...

Information Security Program Vendor Management Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture Board of Directors
Read More
1 2 3 Next