R-7 – The Top Seven Risks – 2019
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks […]
The Magnificent Seven 2019
Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article, affectionately dubbed “M7,” about the seven trends in bank technology that will impact the Information Security Officers of small banks […]
The Pine Processionary
Battling Procedure Fatigue in Cybersecurity . . . Or . . . making sure we don’t just go through the motions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When it comes to the routine things in life, it can be easy to get […]
Error Fatigue Risk
Going through the motions when we should be going through a checklist! The risk of way too many error messages! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For infotex, 2018 was the year of the “Aggressive Technology Plan.” Something I’ve noticed, as we […]
Unless You Are Based in Europe
Some businesses are attempting to capitalize on confusion over just who the GDPR applies to… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Several Clients have emailed a question to me this week (one even picked up that thing called a telephone, and called […]
Risk Versus Severity When In A Panic
Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]
Firewall Log Retention: Beyond The Guidance
In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]
Merchandising as an Information Security Concept
Haven’t rotated your posters in a while? Your customers may not be seeing them anymore. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . One of the things I recently realized: some bankers I interact with do not have the same understanding of merchandising that I […]
Our Compliance with #4040
Dan’s decided to declare “in compliance” on a CAT Statement, and wants your opinion! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . How would you like to experience a little excerpt from an infotex risk assessment? (Yes, we had to run this by our […]
The Magnificent Seven 2018
Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article, affectionately dubbed “M7,” about the seven trends in bank technology that will impact the Information Security Officers of small banks […]