2 min read
Managing the Relationship Between Information Technology and Information Security
It’s easy to use the terms “Information Technology (IT)” and “Information Security (IS)” interchangeably. They are equally important but serve...
In-house CISO (3)
2 min read
Russian Destructive Malware: Don’t Hit the Panic Button
Everyone is on high alert right now because of Russian ransomware attacks as a part of the conflict in Ukraine.
2 min read
Russian Cyberthreats
This week the threat from Russia to the Ukraine has turned to reality. The attack was preceded by cyber threats probably long before the physical...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Meaningful Governance
Most information security professionals understand the compliance and business requirements of keeping management informed of the Information...
2 min read
Log4Shell Response for Community Financial Institutions
This post is intended to help community financial institutions appropriately prioritize their response efforts to the Log4Shell vulnerability. If...
2 min read
Backups vs. Retention
We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...
2 min read
Cyber New Year’s Resolution: Start with a Gut Check
Ever get that feeling that you don’t know what you don’t know about the effectiveness of your cybersecurity program?
2 min read
Keep an Eye on API Security
Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or...
2 min read
Tricky Phish Testing
Phishing remains one of the top threats to organizations today. Every user regularly receives emails designed to trick them into clicking on a link,...