1 min read
Strengthening the Fort
In an era dominated by digital advancements, the financial industry stands at the forefront of technological innovation. As financial institutions...
Passwords
2 min read
Five Findings from the 2023 IBM Security Cost of a Data Breach Report
I was reviewing the 2023 IBM Security Cost of a Data Breach Report this week and wanted to share some findings I found interesting. This report is...
2 min read
What is a Good Password Length?
We are often asked what length passwords should be. The answer that we give in general is that we would like user passwords to be at least 14...
2 min read
Business Email Compromise: Attacks Immune to Multi-Factor Authentication
They’ve come back around…those business email compromises, which were all too common in the late 2010s.
1 min read
Password Reuse
Today, I want to discuss a topic that often goes unnoticed but can have far-reaching consequences: password reuse. In this fast-paced digital age,...
1 min read
Three Options to Implement Phish Resistant Multi-Factor Authentication
Since the pandemic and the rise of work at home, we have become very familiar with Multi-Factor Authentication (MFA). Typically, this is implemented...
1 min read
The What, Why, and How of Complementary User Entity Controls
Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we...
3 min read
Discussions Triggered from the LastPass Breach
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
