An Update to the FFIEC Outsourced Cloud Computing Document In April 2020, the FFIEC released their “Joint Statement on Risk Management for Cloud Computing Services” as an update to their 2012 statement “Outsourced Cloud Computing.” The 2012 statement was a short, four-page document that addressed the key elements of outsourced cloud computing as identified in […]

As more offices rely on working remotely, hackers are working to take advantage… An article review. As concerns over the coronavirus continue to mount, more Americans than ever are working remotely from their homes…and hackers are looking to take advantage of the situation.  That’s according to the Department of Homeland Security’s Cybersecurity and Infrastructure Security […]

As reports of Coronavirus spread, the agency has updated its 2007 guidance… An article review. As what began as a few isolated incidents late last year have bloomed into a what some are calling a pandemic, fears of Coronavirus (also known as COVID-19) have spread into nearly all sectors…and banking is no exception. In light […]

Despite advances in automation, millions of additional people are still needed… An article review. If you follow cybersecurity news you’d be forgiven if you thought that humans were rapidly becoming obsolete: everywhere you turn there are articles extolling the virtues of automation and artificial intelligence for staying on top of all the threats facing your […]

Show this article to your CFO the next time he or she asks for a budget. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . It’s time . . . no wait, it’s WAY PAST TIME . . . that community banks spend the money […]

Incident response testing is the stone that kills many birds… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Good morning.  It’s 5:00am on a weekend, and I’m preparing my talk for the Cybersecurity Conference this week. While the talk is only supposed to be […]

“Deep Fake” Technology is Behind The New Trend of AI-Assisted Fraud… An article review. It’s a scenario that probably happens far more often than we’d like to admit: an employee gets a phone call from a superior requesting they perform some task that is out of the ordinary. There are policies in place requiring more […]

These tools will help you assess and improve your cybersecurity preparedness… An article review. If you’re a regular reader of our blog, you know that we think cybersecurity training and the tools that go along with it are vitally important to any organization that relies upon computers—which is pretty much everyone, now. The Federal Financial […]

Nearly 50 vulnerabilities were found in printers from the top six brands… An article review. You’re aware of phishing scams, you don’t open e-mail attachments you weren’t expecting to receive, your virus definitions are updated regularly and you don’t connect to unsecured wifi networks…but when was the last time you thought about your printer? A […]

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]