1 min read
Board Cyber Awareness
Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...
Risk Assessment (2)
1 min read
Regulators Becoming More Prescriptive
Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial...
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
2 min read
Charging Dr. Ransomware
Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains,...
2 min read
Where Does Managing Aggregator Risk Belong?
A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Keep an Eye on API Security
Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or...
2 min read
The Regular Risk Assessment Revolution
The cybercriminals are still on top of their game, changing targets and tactics. The work-from-home revolution continues and the drive for automation...
2 min read
Breaking the SMS Habit
Multifactor Authentication (MFA) is one of the most important controls to block account takeover fraud. There are many different forms of MFA...
