2 min read
What You Can do About the Okta Compromise
News this week brought us word of something very disappointing, a breach in a large player in the identity services company, Okta. If I’m being 100%...
Information Security Program (6)
2 min read
Managing the Relationship Between Information Technology and Information Security
It’s easy to use the terms “Information Technology (IT)” and “Information Security (IS)” interchangeably. They are equally important but serve...
2 min read
Russian Destructive Malware: Don’t Hit the Panic Button
Everyone is on high alert right now because of Russian ransomware attacks as a part of the conflict in Ukraine.
2 min read
Russian Cyberthreats
This week the threat from Russia to the Ukraine has turned to reality. The attack was preceded by cyber threats probably long before the physical...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Meaningful Governance
Most information security professionals understand the compliance and business requirements of keeping management informed of the Information...
2 min read
Log4Shell Response for Community Financial Institutions
This post is intended to help community financial institutions appropriately prioritize their response efforts to the Log4Shell vulnerability. If...
2 min read
Extending Security Controls Beyond the Office
Over the past several years, organizations have allocated considerable resources to protect their Information Technology environment. Historically,...
2 min read
Backups vs. Retention
We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...
2 min read
Cyber New Year’s Resolution: Start with a Gut Check
Ever get that feeling that you don’t know what you don’t know about the effectiveness of your cybersecurity program?