The seven best trend articles in 2019 . . . For ISOs of small financial institutions. While it may not feel like it yet for some of us, we’re well on our way into 2019, and that means it’s time for the last of our annual articles looking at predictions and trends in information technology. Previously, […]

Third party ‘location brokers’ are reselling data from carriers, and there may not be much you can do about it. An Article Review. For many years it has been common knowledge that your cell phone’s physical location can be identified–signal triangulation, GPS and even nearby wifi networks can be used by your cell phone company, […]

Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . When Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks […]

  The Internet of Things and privacy continue to present challenges to businesses… An article review. It seems our own Dan Hadaway isn’t the only one making predictions about upcoming trends this time of year! NIST recently concluded their Cybersecurity Risk Management Conference and an article submitted to us by Wes Pollard details some of their […]

Devices like fax machines and copiers are often classified as office supplies and slip past IT scrutiny… An article review. Despite all the advances in technology, most offices still generate large volumes of printed documents, and the devices used to produce and process those documents could expose you to more risk than you’d think. A […]

Just in time for the next round of SOC reviews, we’ve reviewed and updated our metrics… Well it’s that time of year again: the days are growing shorter, the leaves are changing color and your compliance officer is gathering up SOC reports for this year’s round of reviews! Here at infotex we’ve long maintained a […]

What the FFIEC has to say about succession planning for members of the IT Governance process… We have been hearing about examination findings requiring Clients to create a succession plan for key members of the IT Governance process.  Dan asked me to update our research on this issue and, as a byproduct, I have produced […]

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]

While already happening in practice, the new legislation would officially make it one of the agency’s priorities. An article review. In an acknowledgment of what is recognized as a growing threat, legislation introduced recently in the House of Representatives would officially add industrial control systems to the Department of Homeland Security’s cybersecurity priorities. The bill, […]

Previously thought to be designed to deliver a DDoS attack, VPNFilter can alter data in transit and change what you see on your screen. An article review. Initially, researchers thought that a new piece of router-based malware called VPNFilter was a relatively simple tool for directing and implementing a distributed denial of service (DDoS) attack. […]