General: (800) 466-9939

Controls

The Art of Phishing

What We've Learned Testing Community Banks Phishing is still one of the easiest ways for attackers to get a foothold in community banks. Even in 2026, it works far too well. At Infote...
READ MORE

LLMs in Banking: A Measured Approach

Balancing Innovation and Risk . . . As with many new technologies, financial institutions are approaching the use of large language models (LLMs) cautiously. While generative AI has a...
READ MORE

Eclipsing the Manifesto

Four disparate words With a number and a special character, for good measure Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Last week I posted a GPT summary of my infamous “Password manifesto.”   Today, I...
READ MORE

Retrospective: Password Aging

A look back at 2008 And a radical manifesto of the timer Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In 2008 I wrote an article, published in Hoosier Banker magazine, that we have since called “The Password Manife...
READ MORE

NIST Proposes Changes to Outdated Guidance

An evolving threat landscape means the original 2015 guidance is in need of an update… An Article Review. The National Institute of Standards and Technology (NIST) is considering an update to its 2015 Special Publication 800-171, which contains cybersecurity control...
READ MORE

New Attacks Target Multi-Factor Authentication

Microsoft, Cisco and Uber are among the companies hit by this new threat… An article review.  As more organizations adopt multi-factor authentication to help safeguard their systems hackers have adapted, and several major corporations have been among those hit by thi...
READ MORE

Why Awareness Training Should Go Beyond Your Own Services

With nearly three in four people using third-party payment services tied to their bank accounts, the risk isn’t limited to your own policies and procedures… An article review. When working on cybersecurity awareness messages for your customers you may be incli...
READ MORE

An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet

Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of  IT Examination Handbooks. It is a...
READ MORE

A Cloud Security Reminder

Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely du...
READ MORE

CATEGORIES

General: (800) 466-9939

Facebook Youtube X-twitter

General: (800) 466-9939

Facebook Youtube X-twitter

General: (800) 466-9939

Facebook Youtube X-twitter