These tools will help you assess and improve your cybersecurity preparedness… An article review. If you’re a regular reader of our blog, you know that we think cybersecurity training and the tools that go along with it are vitally important to any organization that relies upon computers—which is pretty much everyone, now. The Federal Financial […]

Focused on small businesses, the guide covers twelve topics you need to know to be secure… An article review. While there are many resources concerning cybersecurity out there, it can sometimes be difficult to find information tailored for smaller organizations instead of consumers or large enterprises. Luckily the FTC realizes that the bad guys aren’t […]

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]

Financial regulators from eight states impose new rules in the wake of the credit reporting agency’s historic breach. An article review. The investigation by federal regulators and law enforcement officials into the breach that resulted in the release of over 140 million people’s personal information is still ongoing, but Equifax has already reached an agreement […]

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]

The first in our guest author series, this article by Eric Kroeger and Jason Mikolanis explains the difference between patch and vulnerability management.

The controversial new regulations are the first in the nation, and may not be the last… An article review. On March 1 New York State became the first in the nation to impose its own cybersecurity regulations on banking institutions. Though banking institutions have 180 days to come into compliance, there are complaints that the […]

Questions from vendor management to mitigating controls covered in the new document. An article review.   The FFIEC released a document earlier this month covering some of the most frequently asked questions surrounding the Cybersecurity Assessment Tool (CAT), and it’s certainly worth taking a look at as many of their answers are eye-opening! Many have wondered […]

If you think you have a good patch management and verification program in place, think again! Sure, you’re supplementing WSUS with Nessus scans or some other third party patch verification process. But are you scanning your mobile devices?

The Federal Financial Institutions Examination Council (FFIEC) has announced that the organization has upgraded the functions and features of the InfoBase for the FFIEC Information Technology Examination Handbook (IT Handbook). The IT Handbook consists of 11 booklets covering a variety of technology and technology-related risk management guidance for financial institutions and examiners.