About Us | Contact Us
View Cart
Archive for 'Risk Management' Category

Four Risk Appetite Statements

By Dan Hadaway - Last updated: Thursday, June 6, 2019

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For all the same reasons a board of directors would want to establish a risk appetite statement on loan risk or other major risk categories, the 2015 Cybersecurity Assessment Tool gave us the ability to establish […]


Interns Present New Social Media Risk

By Vigilize - Last updated: Monday, June 3, 2019

A new generation of interns may open organizations up to new risks… An article review. If you’ve been paying attention to the world of breaches and other security lapses over the years, the idea of the “insider threat” is probably nothing new—your own employees can sometimes be as likely to cause an incident as a […]


Many School Districts Are Still Vulnerable To WannaCry

By Vigilize - Last updated: Tuesday, May 28, 2019

Years after patches were released, many systems remain vulnerable… An article review. While it has been over two years since the WannaCry exploit was publicly announced, a new report submitted by our own Sean Waugh says that hundreds of thousands of internet-connected machines are still vulnerable…and many of those machines belong to government agencies and […]


Microsoft Considers Changing Password Guidance

By Vigilize - Last updated: Monday, April 29, 2019

Password expiration rules can create more problems than they solve… An article review. Passwords, it seems, are a lot like diets. They’re often necessary, but no one really wants to have to deal with them–and we’re always looking for the next trick to make the process easier. And just like there’s always a new diet […]


Sign-In Kiosks May Be Putting You At Risk

By Vigilize - Last updated: Monday, March 11, 2019

New research reveals issues with these commonly overlooked devices… An article review. With computers involved in our lives and businesses in so many ways, it can seem like we’re always being warned of another overlooked device that is ready to wreak havoc. While the attention of many security researchers has been focused on the rise […]


New Exploits Turn ATM Hacking Into a Game

By Vigilize - Last updated: Monday, February 25, 2019

Hackers are getting unusually creative in their attacks… An article review. One drawback of limiting the scope of our annual review articles (the M-7, T-7 and R-7) to seven items is that we don’t always get to include every subject we’d like to. Luckily we had our friend Wes Pollard to point out a great […]


T7: The Trend of Trends 2019

By Vigilize - Last updated: Monday, February 11, 2019

The seven best trend articles in 2019 . . . For ISOs of small financial institutions. While it may not feel like it yet for some of us, we’re well on our way into 2019, and that means it’s time for the last of our annual articles looking at predictions and trends in information technology. Previously, […]


Data For Sale: How Anyone Can Locate Your Phone

By Vigilize - Last updated: Monday, January 21, 2019

Third party ‘location brokers’ are reselling data from carriers, and there may not be much you can do about it. An Article Review. For many years it has been common knowledge that your cell phone’s physical location can be identified–signal triangulation, GPS and even nearby wifi networks can be used by your cell phone company, […]


R-7 – The Top Seven Risks – 2019

By Dan Hadaway - Last updated: Monday, January 7, 2019

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks […]


Takeaways From The NIST Cybersecurity Risk Management Conference

By Vigilize - Last updated: Monday, December 17, 2018

  The Internet of Things and privacy continue to present challenges to businesses… An article review. It seems our own Dan Hadaway isn’t the only one making predictions about upcoming trends this time of year! NIST recently concluded their Cybersecurity Risk Management Conference and an article submitted to us by Wes Pollard details some of their […]