1 min read
Board Cyber Awareness
Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...
Risk (3)
3 min read
Cyber Insurance is Broken. How Do We Fix it?
I've been asked about the state of cyber insurance multiple times over the past couple of months.
2 min read
The Risk Based Audit
We have a meeting every Monday morning to do a status update on each of the 40 financial institutions we serve as their virtual Information Security...
2 min read
Tools to Check Out in the Cybersecurity Resource Guide
Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally...
1 min read
Preparing for a Security Incident
The worst time to develop an Incident Response Plan for dealing with a security incident is during an actual incident. It’s not a matter of “if” but...
2 min read
Charging Dr. Ransomware
Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains,...
2 min read
Where Does Managing Aggregator Risk Belong?
A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...
2 min read
Confessions of a Professional Worrier
A few weeks ago, in my life outside of cybersecurity, a person said to me: “You are always thinking three steps ahead of the rest of us”. I am not...
2 min read
Remote Work Flexibility is Here to Stay
It’s been a long and crazy two years since Covid showed up and changed the world. Yes, a lot of things are different now, but I’d like to take a few...