Articles

Zoom Security: No longer an Oxymoron

Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost ...

Security in a Cloud Computing Environment

An Update to the FFIEC Outsourced Cloud Computing Document In April 2020, the FFIEC released their “Joint Statement on Risk Management for Cloud Computing Services” as an update to their 2012 statement “Outsourced Cloud Computing.” The 2012 statement was a short, four-page...

Remote, Remote, Remote

An update to ‘Cottage Please’ . . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Finding time to write a Dan’s New Leaf article about remote access security, I notice there are many good articles already...

From Arizona to Wyoming: An Inventory of State Laws

What do you need to be compliant in your state? An article review. One subprocess to incident response many of our banking Clients are currently wrestling with is how to address customers living in “other states.” If we’re on the border between Indiana a...

The Magnificent Seven 2020

Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in tech...

Trust, but Segregate!

Show this article to your CFO the next time he or she asks for a budget. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . It’s time . . . no wait, it’s WAY PAST TIME . . . that community banks spend the money necessary...

NSA to Establish Cybersecurity Directorate

In a change for the Agency, the new directorate will have a defensive focus… An article review. Over the last few years, we’ve seen a cat and mouse game between hackers and the good guys: from potential foreign influence in elections to the establishment of the US “...

T7: The Trend of Trends 2019

The seven best trend articles in 2019 . . . For ISOs of small financial institutions. While it may not feel like it yet for some of us, we’re well on our way into 2019, and that means it’s time for the last of our annual articles looking at predictions and tre...

R-7 – The Top Seven Risks – 2019

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list ...

The Magnificent Seven 2019

Seven trends impacting Information Security Officers of Small Institutions! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article, affectionately dubbed “M7,” a...