About Us | Contact Us
View Cart

Training Videos


 

Click the play button to see all of our movies uploaded and

organized into playlists on YouTube!

 

MOVIES 


Three Teams and a SIEM
Webinar-Movie – 1 hour
Watch Webinar Movie
You’ve heard it from every MSSP you’ve met:
the definition of a SIEM is in the eye of the beholder, but at infotex, we are not talking about the database – an asset whose definition is continuously evolving. We’re talking about the way three teams collaborate in an overall Technology Risk Monitoring process. And whether you use infotex or a different MSSP, this approach will still be in place.

Originally produced: June 2021 

What to Expect in an infotex Incident Response Tabletop Test
Webinar-Movie – 17 minutes
Watch Webinar Movie
infotex presents the 2021 update of a previously released webinar presented by our Lead Non-Technical Auditor, Adam Reynolds. This movie-short is intended for those who are planning to participate in an infotex Incident Response Test.
Originally produced: April 2021 

SIEM 3: An Introduction
Movie Short – 6 minutes
Watch Webinar Movie
infotex Programming Coordinator, Michael Hartke, introduces a high level overview of the upcoming update to the infotex SIEM. Look for more movies in the coming months informing our Clients, and those just now learning about us, about the SIEM and its features and functions.
Originally produced: April 2021 

The One Test
Movie Short – 6 minutes
Watch Webinar Movie
In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can come into compliance with the ACET. infotex has produced a webinar-movie to give you the basics of how a Security Information and Event Management system, or SIEM, can help your credit union comply with 34 ACET statements you are probably not currently addressing.
Originally produced: April 2021 

ACET Compliance (How a SIEM Helps your Credit Union comply with the ACET)
Webinar-Movie – 21 minutes
Watch Webinar Movie
In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can come into compliance with the ACET. infotex has produced a webinar-movie to give you the basics of how a Security Information and Event Management system, or SIEM, can help your credit union comply with 34 ACET statements you are probably not currently addressing.
Originally produced: March 2021 

R7: 2021’s Top Seven Technology Risks – 2021 Update
Webinar-Movie – 40 minutes
Watch Webinar Movie
What are the top seven risks your board should know about in 2021? This webinar will present the 2021 list in a manner that you can show to your board! (See the 2019 movie on how to present this to your board.) Your auditors want you to start training your board, this movie will help them “see” what most small banks are “seeing” at the board level. More importantly, it will kick the year off in the right fashion, and ensure continued maintenance of your security culture. This is great webinar-video for ISO’s needing material to take into the board meeting!
Originally produced: February 2021 

Technology Planning – 2020 Update
Webinar-Movie – 1 hour
Watch Webinar Movie
The 2020 annual webinar update on the subject includes a review of the previous years’ movies that are already available as well as a panel discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels.
Originally produced: October 2020 

Reinventing Meeting Management
Webinar-Movie – 1 hour
Watch Webinar Movie
In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting management best practices with the traditional practices we have been using throughout our career, so that we make remote meetings more productive and, of course, safe.
Originally produced: December 2020 

Vulnerability Management for Directors
Short- 33 minutes
Watch Webinar Movie
Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
Originally produced: September 2020

Incident Response for Directors
Short- 36 minutes
Watch Webinar Movie
Back by popular demand! You are ready to bring your board on-board . . . the incident response process. Incident Response for Directors is the movie meant to play directly to your Directors. It is the “movie within a movie” from the webinar, called Teaching Incident Response to your Board meant for ISO’s . . . if you have not watched that, you may want to (it includes this movie).
Originally produced: August 2020 

Down n’ Dirty Vendor Management
Webinar Movie- 1 hour
Watch Webinar Movie
One of the highest likelihood attacks we face as community-based banks is the pretext call. Resolving the issue is both difficult and time-consuming. This webinar, which will be the basis of a movie meant for all users, will define the problem, the solution, and (for ISOs) how we can teach our employees to implement the solution. 
Originally produced: July 2020 

The Network Support Provider Review Checklist
Short- 35 minutes
Watch Webinar Movie
Small banks who outsource network support have a conundrum on their hands: How do we ensure proper due diligence on a critical vendor, with possession of information, that cannot afford the standard audit regime? This webinar short attempts to answer that.
Originally produced: June 2020 

The Three Teams of the SIEM Process
Short- 28 minutes
Watch Webinar Movie
You’ve heard it from every MSSP you’ve met: the definition of a SIEM is in the eye of the beholder. But at infotex, we are not talking about the database – an asset whose definition is continuously evolving. We’re talking about the way three teams collaborate in an overall Technology Risk Monitoring process. And whether you use infotex or a different MSSP, this approach will still be in place.
Originally produced: May 2020 

Incident Response Diagramming
Short- 20 minutes
Watch Webinar Movie
With the renewed interest in data flow diagrams we would like to present a type of drawing that would not technically qualify, and yet will bring as much value (if not more) than any data flow diagram: Your incident response process. Using a diagram to illustrate your process helps keep people on the same page during an incident. This is actually the process diagram infotex is using to design our “Incident Response Wizard.”
Originally produced: April 2020 

Diagramming a Mortgage Loan Process in PowerPoint
Short- 20 minutes
Watch Webinar Movie
A question we are often asked: what medium should we use for data flow diagrams? Visio? One of the many free online tools? We are now convinced of the answer. PowerPoint. In this webinar short Dan will explain why.
Originally produced: March 2020 

What the CAT SIEMs to Be: How the infotex SIEM helps you comply with the Cybersecurity Assessment Tool.
Movie and Panel Discussion – 1 hr
Watch Webinar Movie
How does the infotex SIEM helps us comply with the Cybersecurity Assessment Tool? Our auditors are now drilling down on baseline and evolving statements, and we’ve proceeded with an assumption that infotex helps us comply with certain CAT statements. This webinar will help us not only from a compliance perspective, but also a contract management perspective (did the tuning process establish all the controls Dan will be discussing in this webinar?) This webinar may be a bit more technical than normal . . . your network engineer should join you if you’re a CIO type!
Originally produced: February 2020 

Teaching Your Board of Directors
Movie out of a Movie – 50 minutes
Watch Webinar Movie
This webinar is for Information Security Officers who need to “get the board on board!” It walks through the top seven risks community banks face in 2019/2020, from a board perspective, and includes the previous movie (The Board’s Role in Cybersecurity ). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2019. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie.
Originally produced: January 2020

R7: The Board’s Role in Cybersecurity 2020.
Movie Within A Movie – 35 minutes
Watch Webinar Movie
What are the top seven risks your board should know about in 2020? Since his first board presentation in 2000, when Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks small institutions are facing,” in preparation for his board presentations. This webinar will present the 2020 list in a manner that you can show to your board! (See the 2019 movie on how to present this to your board.) Your auditors want you to start training your board, this movie will help them “see” what most small banks are “seeing” at the board level. More importantly, it will kick the year off in the right fashion, and ensure continued maintenance of your security culture. A great webinar for ISO’s needing material to take into the board meeting.
Originally produced: Jan 2020


Technology Planning -1:10 minutes
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2019

Teaching Incident Response To Your Board of Directors- 50 minutes
Watch Webinar Movie
You’ve set the policy, created a plan and had that plan audited. You even pulled an incident response tabletop test off! But guess what? None of it will work smoothly if the board isn’t on board! This is the movie to Teaching Incident Response to your Board.
Originally produced: Aug 2019

The Director’s Role in Incident Response-30 minutes
Watch Webinar Movie
You are ready to bring your board on board . . . the incident response process. Incident Response for Directors is the movie meant to play directly to your directors. It is the “movie within a movie” from the webinar, called Teaching Incident Response to your Board meant for ISO’s . . . if you have not watched that, you may want to (it includes this movie).
Originally produced: Aug 2019


Three Cybersecurity Topics for Directors- 45 minutes
Watch Webinar Movie
1) Risk Appetite Statements
2) Vulnerability Management for Directors
3) The Board’s Role in Incident Response
Originally produced: July 2019


Change Management Program- 2hrs 
Watch Webinar Movie
A simplified method for Change Management! (a proposal for small banks)
We all suffer from it: way too much to do, not enough time to do it.
How do we make sure our day-to-day activities comply with policy while also aligning with our technology strategy?
In this webinar, Dan Hadaway, CRISC CISA CISM will propose a simplified method of addressing change management that has been evolving at infotex for more than a decade.
Originally produced: Sep 2019


R-7 : A Superhero’s Guide to 2019-40 minutes
Watch Webinar Movie
This webinar is for Information Security Offices who need to “get the board on board!” It walks through the top seven risks community banks face in 2019/2020, from a board perspective, and includes the previous movie (The Board’s Role in Cybersecurity ). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2019. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie (see previous movie . . . The Board’s Role in Cybersecurity).
Originally produced: Feb 2019

The Board’s Role in Cybersecurity-30 minutes
Watch Webinar Movie
Training for the Board of Directors is hard to conjure up. In this movie, Dan uses his annual R-7 list (see next) as the basis for your 2019 Board of Directors Cyberawareness meeting! For ideas on how to present this to your board, see the next movie (Providing Board Awareness: R-7: A Superhero’s Guide to 2019!
Originally produced: Feb 2019


Simple as it SIEMs for Banks –
Technology Risk Monitoring for Banks (1 hr 30 minutes)
Watch Webinar Movie
At infotex, we define a SIEM as the place where three teams can assemble as one team: the Internal Technical Team, the Incident Response Team, and the Network Monitoring Team (which in our case is infotex, the MSSP.) Our SIEM cross-checks threat intelligence with real-time data from the network, your internal team, and the community. This webinar is a MUST for anybody interested in the infotex SIEM.
Originally produced: Dec 2018

Simple as it SIEMs –
Technology Risk Monitoring for School Cybersecurity Professionals (1 hr 15 minutes)
Watch Webinar Movie
Having worked as the MSSP of choice for several school corporations since 2003, infotex has developed a posture approach that will ensure our number one deliverable:
“Our Clients Sleep at Night.”
Dan will review why a school corporation should be using a SIEM, what a SIEM actually is . . . . and then the fun begins as we walk through a SIEM in action, and discuss tuning processes.
Originally produced: Dec 2018

Testing your SIEM-1hr
Watch Webinar Movie
Given that infotex has been watching networks since 2000, and has been developing a SIEM since 2005, and given that we are IT Auditors, we have a long laundry list of tests for your SIEM
In preparing our talk on SIEMs for the IBA’s Cybersecurity Conference, Dan had a whole section on testing SIEMs that would not make it into the talk. This one hour webinar is that section. Dan will review quality controls you must ensure are in place for your SIEM, and then dive deep into how to test each of those controls.
Originally produced: Nov 2018

Technology Planning-55 minutes
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and we will provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!.
Originally produced: Oct 2018

Down and Dirty Vendor Management
Watch Webinar Movie
Based on what he is finding in reviews of several audits where Clients talked us into accepting shortcuts, Dan will review at least three five seven far-reaching shortcuts (that your auditor and/or examiner MAY agree with).
Originally produced: Jul 2018

Teaching Out of Wallet Questions  
Watch Webinar Movie
One of the highest likelihood attacks we face as community-based banks is the pretext call. Resolving the issue is both difficult and time-consuming. This webinar, which will be the basis of a movie meant for all users, will define the problem, the solution, and (for ISOs) how we can teach our employees to implement the solution. This is another of our Movie Within a Movie Webinars, where the longer webinar is meant to help ISOs understand what to do with the shorter movie (see next.)
Originally produced: Apr 2018

Thirty Minute Version:  Asking Out of Wallet Questions:  The Movie for all Bank Employees 
Watch Webinar Movie
Do you know how to prove a caller is who they say they are, before giving them sensitive information?

Let’s say it another way: Do you know how to identify telephone callers by asking what the regulators call “Out of Wallet Questions?”

This movie is meant to teach all bank employees how to ask Out of Wallet Questions, and why using them is so important to our customers’ financial health

Originally produced: Apr 2018

Unabridged One Hour Version:  Asking Out of Wallet Questions:  The Movie for all Bank Employees
Watch Webinar Movie
Do you know how to prove a caller is who they say they are, before giving them sensitive information?

Let’s say it another way: Do you know how to identify telephone callers by asking what the regulators call “Out of Wallet Questions?”

This movie is meant to teach all bank employees how to ask Out of Wallet Questions, and why using them is so important to our customers’ financial health.

Originally produced: Apr 2018


Providing Board Awareness:  R-7: A Superhero’s Guide to 2018 and Beyond!
Watch Webinar Movie
This webinar is for Information Security Offices who need to “get the board on board!”  It walks through the top seven risks community banks face in 2018/2019, from a board perspective, and includes the previous movie (Cybersecurity for the Board.). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2018. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie (see previous movie . . . Cybersecurity for the Board!).
Originally produced: Jan 2018

Cybersecurity for the Board
Watch Webinar Movie
Training for the Board of Directors is hard to conjure up. In this movie, Dan uses his annual R-7 list (see next) as the basis for your 2018 Board of Directors Cyberawareness meeting! For ideas on how to present this to your board, see the next movie (Providing Board Awareness: R-7: A Superhero’s Guide to 2018 and Beyond!)
Originally produced: Jan 2018


Vigilize This! – Cybersanity and the Incident Response Program
Watch Webinar Movie
Dan just found out this webinar is on his birthday, so he’s planning on an “outside-the-box” webinar, Dan (and others if necessary!) will be presenting the Equifax breach using the infotex boilerplate for the Incident Response Log as a framework.
Originally produced: Nov 2017

Technology Planning
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2017

You Asked For It
Contract Review: A Drill-Down for Those Brave Enough
!
Watch Webinar Movie
In June we delivered a webinar called “What Do We Tell Those Poor Vendor Owners,” which was about simplifying the vendor management guidance so that your vendor owners can understand the big picture of what needs to happen, and reduced a contract checklist to four basic promises. The movie for that webinar is now available. But after the webinar, we received several requests to “drill down on that contract checklist.” This is that drill down.
Watch Video
Originally produced: Sep 2017

Expected Controls:
How to Review a SOC-1 or Two, Part Two!
Watch Webinar Movie
While the AICPA has been busy updating the SSAE-16 to an SSAE-18, we’ve been busy figuring out how to review the deliverables, regardless of the specifics of the approach taken. And we have one problem with the whole process: how do you know the vendor has tested the controls you would expect. This webinar is a drill-down on “How to Review a SOC-1 or Two.”
Originally produced: Aug 2017

What to Look for in a SIEM
Watch Webinar Movie
You’re needing to find a SIEM and you’re a small organization. You’re jaw still hurts from how hard it hit the ground when you found out how much time and effort goes into setting up your own SIEM. And that was before they gave you the price. And meanwhile, every time you ask a vendor what a SIEM is, you get a different answer. This webinar will try to look at a SIEM from the ground up . . . why it is important to have in place, what the cadillacs can do, what makes sense from adoption philosophy (early majority, later majority, laggard) planning perspectives. And . . . what does it need to do currently for small organizations.
Originally produced: Jul 2017

Four Primary Risk Management Goals of a Contract
Watch Webinar Movie
So you’re in a big hurry and you just want to quickly check if a contract passes muster. While your examiner might not like it, you have decided that you’re going to play the 80/20 rule. You have documented rationale . . . you don’t want to spend too much time in contract review if the assurance review fails, but you have to k now if the contract has basic provisions before you want to spend any time on the assurance review. You realize that your auditors and examiners will want to see a more thorough review if you DO pull the trigger, but you need to break through a chicken/egg regularity with new vendor due diligence: the contract and the assurance. So if, in a down-and-dirty contract review, you could find 80% of what really reduces risk, maybe you can save a lot of time by ignoring the other 20%, which is about 80% of the time it takes to review a contract. This webinar will talk about a prioritized approach to contract review that . . . . warning . . . may not be completely endorsed by your regulator. (But will at least get you to a quick decision as to whether it is worth pursuing the other elements of vendor due diligence.)
Originally produced: Jun 2017

Canaries in a Coal Mine
Watch Webinar Movie
As auditors who also watch networks as an MSSP, we see many leading indicators of breaches. This webinar will review both the “dead birds” . . . phenomena that means you’ve already been hacked . . . and the “sick birds,” phenomena that, if not fixed, will lead to a successful breach in your organization.
Originally produced: Apr 2017

Password Management Controls
Watch Webinar Movie
Authentication . . . one of the most important controls on our network . . . is often undefined, primarily because there is no good starting point. While most of us are big on documented password policies, the technical enforcement of nontechnical password policies remains a mystery to those outside network management. In this free webinar, Dan will review what we should document, what should remain undocumented, ways to address “shared credentials,” and . . .. most importantly, reveal a free boilerplate that will get you started on documenting your own Password Management Procedure.
Originally produced: Mar 2017

Decision Trees as a Training Tool
Watch Webinar Movie
So you’ve assembled your Incident Response Team, you’ve done the Plan Walkthrough, you’ve even tested the team a couple of times with tabletop testing. Now what? Join us for this free webinar as Dan provides a handy training . . . . and if you’re a large institution, planning . . . . tool!
Originally produced: Feb 2017

Insurance Review Iteration #2
Watch Webinar Movie
An unlikely question being placed on the desk of many Information Security Officers: How do you know you are properly insured? Dan will help us answer the question: What questions should be asked when you prepare to transfer risk (acquire Cyber Insurance or other types of Insurance)?
Originally produced: Jan 2017

How to Review the SOC One or Two!
Watch Webinar Movie
How do you know which user control considerations require follow-up? The SSAE-16 Review Checklist helps you organize your approach, make sure it is risk-based, and properly communicate resulting risk from the vendor due diligence process. An excel spreadsheet, this checklist includes all the appropriate questions that must be asked during an SSAE-16 review, with an easy risk ranking metric that will allow you to compare all critical vendors.
Originally produced: Jun 2016

Data Flow Diagramming
Watch Webinar Movie
If you’ve performed your Cybersecurity Assessment you’re probably wondering, “what is this data flow diagramming thing, why have my auditors never asked me for it, and how do I do one for my bank?” Join us as we run down the answers to those three important questions!
Originally produced: Mar 2016

Incident Response in the World of CAT Domains Two, Three and Five
Watch Webinar Movie
Are you through your cybersecurity assessment first iteration and wondering what the heck you’re going to do about a handful of statements related to incident response? Join us for this free one hour webinar that helps connect the dots from what you’re already doing to what you need to do as it comes to baseline and evolving incident response statements.
Originally produced: May 2016

CAT NIP – Drilling Down on the CAT Incident Response Statements
Watch Webinar Movie
So we’ve identified the dozens or so statements, in the Cybersecurity Assessment Tool, that we aren’t proud of. And many of them are about incident response. This webinar will drill down on one of the more prevalent deficiencies with smaller banks:
Testing Your Incident Response Plan
Learn how to fulfill the loose guidance about incident response testing in a manner that delivers value. Deliverables will include templates for a Test Plan, Test Minutes, and Post-mortem review, as well as discussion of sub-scenarios, tabletop test practices, and how to get incident response testing from your existing audit plan.
Originally produced: May 2016

Cyber Insurance – The Questions that You Should Ask When You Transfer Technology Risk!
Watch Webinar Movie
An unlikely question being placed on the desk of many Information Security Officers: How do you know you are properly insured? Dan will help us answer the question: What questions should be asked when you prepare to transfer risk (acquire Cyber Insurance or other types of Insurance)?
Originally produced: Jul 2016

Awareness in All Directions
Watch Webinar Movie
Back to the rest of Technology Risk Management, through IT Governance . . . . whether your most likely threat is cyber or non-technical pretext calling, no matter where the risk falls, the number one control that takes care of everything else is Awareness. A three-sixty summary of Awareness in All Directions . . . Board awareness, so that the entire company stays on the same page. Management awareness, so you ensure appropriate control enforcement. Technical awareness, so you learn mitigation controls to bring unacceptable inherent risk to acceptable (usually low) residual risk. And, of course, User Awareness, so that all users of technology and information enforce user controls. Dan will kickoff a four or five part series about the four corners of awareness in “Awareness in All Directions.”
Originally produced: Aug 2016

Disaster Planning Meets Awareness Training Meets Risk Monitoring
Watch Webinar Movie
Integrating the Technical with the Nontechnical Aspects of incident Response Planning. Case studies back up the need for a monthly Incident Response Team process.
Originally produced: Sep 2016

Technology Planning
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2016

Training Your Incident Response Team – The CAT MAIT Almanac
Watch Webinar Movie
Start planning for easy ways to Train Your Incident Response Team in 2017. Dan will run through an almanac of CAT statements and suggest how existing guidance can be leveraged.
Originally produced: Nov 2016

Incident Response Testing – What to Expect
Watch Webinar Movie
This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Originally produced: May 2017

2020 Jam Cancellation
Watch Video
A short announcing the sad news that the 2020 infotex Jam was cancelled.
Originally produced: May 2017

Legal Disclaimer
Watch Video
All presentations on this page come with this disclaimer!

infotex Audits – What To Expect
Short- 18 minutes
Watch Video
A short that walks Clients and prospective Clients on what to expect during an infotex Audit.
Originally produced: January 2017

Due Diligence Packet Movie
Client Video- 7 minutes
Watch Video
A short video explaining the Due Diligence Packet that we send out to Clients and other customers.
Originally produced: April 2020

You Spoke, We Listened, AGAIN!
Watch Video

 

You Spoke, We Listened 
Watch Video

 

Remote Productivity
Short- 10 minutes
Watch Video
In this ten minute video, Dan answers the question, “how do we know employees are productive when working from home?”
Originally produced: April 2020

infotex SIEM Data Flow Diagram
Feature Video- 5 minutes
Watch Video
In this short video, Michael, our “Envoy from the SIEM”, walks us through how data flows through the current infotex System Information and Event Management system.
Originally produced: April 2020

 


same_strip_012513


Latest Articles
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office. Interested in one of ours […]
    Questions about China’s new disclosure laws only highlight the uncertainty about disclosure in general… An article review. China recently made waves in the security world by announcing a new set of data security laws, one of which has added new fuel to a long running debate: how and when should security vulnerabilities be disclosed…and to […]
    Four Conditions … …For Why a Network Can be Anything But a Network! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I have to admit that infotex is being called into engineering meetings with larger organizations these days that are NOT community based banks.  We […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office. Interested in one of ours […]
    If Zero days need Zero clicks, are there any secure devices in the mix? Tanvee Dhir explores the Pegasus spyware. Another technical post, meant to inspire thought about IT Governance . . . . Introduction Over the past couple of weeks, we have seen multiple stories regarding a powerful piece of spyware called Pegasus sold […]
    Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of  IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office. Interested in one of ours […]
    Many organizations still fail to consider the unique risks posed by cloud computing… An article review. Last month thousands of Western Digital MyCloud device owners learned about the risks of cloud-based solutions the hard way: their data had been wiped remotely due to a flaw in the internet-facing component of their external hard drives. While […]
    infotex does not use Kaseya… We are protecting our Clients! Another blog post meant to inspire thought about IT Governance . . . . To all infotex managed security service Clients: As you may be aware there was a large ransomware attack recently that leveraged a remote management tool called Kaseya that is used by many […]
    While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]