About Us | Contact Us
View Cart

Training Videos

 

Click the play button to see all of our movies uploaded and

organized into playlists on YouTube!

 

MOVIES 

The Five Precepts of IT Vendor Management
Webinar-Movie – 23 minutes
Watch Webinar Movie
We’re going back to basics on Vendor Management. This webinar will give you a training tool to help out that new person that is starting to take on the gargantuan task that is Vendor Management.
Originally produced: May 2022

R7: 2022’s Top Seven Technology Risks
Webinar-Movie – 56 minutes
Watch Webinar Movie
What are the top seven risks your board should know about in 2022? Since 2006, we have been compiling a list of the “top seven risks small institutions are facing,” in preparation for his board presentations.

This webinar will present the 2021 list in a manner that you can show to your board! (See the 2019 movie on how to present this to your board.) Your auditors want you to start training your board, this movie will help them “see” what most small banks are “seeing” at the board level. More importantly, it will kick the year off in the right fashion, and ensure continued maintenance of your security culture.

This is great webinar-video for ISO’s needing material to take into the board meeting!
Originally produced: March 2022

Behind Your Credit Union’s Recent NCUA IT Exams Findings
Webinar-Movie – 21 minutes
Watch Webinar Movie
In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or as we call it: the ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can come into compliance with the ACET. infotex has produced a webinar-movie to give you the basics of how a Security Information and Event Management system, or SIEM, can help your credit union comply with 34 ACET statements you are probably not currently addressing.
Originally produced: March 2022

The Magnificent Seven for 2022
Webinar-Movie – 1 hour 3 minutes
Watch Movie
What does the future hold for ISOs of smaller institutions? What are the top seven trends, according to the infotex team, for 2022?
Originally produced: January 2022

Technology Planning and Your First AIO Plan
Webinar-Movie – 1 hour 6 minutes
Watch Movie
The FFIEC’s latest guidance: The Architecture, Infrastructure, and Operations, has brought many changes to exactly how a small financial institution may look at their Technology Planning for 2022. Included in that will be the opportunity to write your first Architecture Plan and we intend to show you what may be involved in that!
Originally produced: December 2021 

Magnificent Seven Commercial
Movie-Short – 1 minute
Watch Movie
Join Cowhand Dan to learn about the Seven Trends that a small Bank may face in 2022.
Originally produced: December 2021 

Women in Business
Movie-Short – 2 minutes
Watch Movie
infotex is a woman owned business and we made this video in support of Women’s Entrepreneurship Day!
Originally produced: November 2021 

The AIO’s Impact on Technology Planning
Webinar-Movie – 1 hour 10 minutes
Watch Movie
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Originally produced: October 2021 

Women in Banking
Movie-Short – 2 minutes
Watch Movie
As a Woman Owned Business, infotex is proudly a supporter of all women in the Banking Industry.
Originally produced: October 2021 

Scary Cybersecurity Facts
Movie-Short – 1 minute
Watch Movie
Happy Halloween, here are some scary facts that you probably don’t wanna know about cybersecurity!
Originally produced: October 2021 

AIO Seven Minute Walk-Around
Movie-Short – 8 minutes
Watch Movie
Dan walks around the AIO Discovery Kit.
Originally produced: October 2021 

Three Teams and a SIEM
Webinar-Movie – 1 hour
Watch Webinar Movie
You’ve heard it from every MSSP you’ve met:
the definition of a SIEM is in the eye of the beholder, but at infotex, we are not talking about the database – an asset whose definition is continuously evolving. We’re talking about the way three teams collaborate in an overall Technology Risk Monitoring process. And whether you use infotex or a different MSSP, this approach will still be in place.
Originally produced: June 2021 

What to Expect in an infotex Incident Response Tabletop Test
Webinar-Movie – 17 minutes
Watch Webinar Movie
infotex presents the 2021 update of a previously released webinar presented by our Lead Non-Technical Auditor, Adam Reynolds. This movie-short is intended for those who are planning to participate in an infotex Incident Response Test.
Originally produced: April 2021 

SIEM 3: An Introduction
Movie Short – 6 minutes
Watch Webinar Movie
infotex Programming Coordinator, Michael Hartke, introduces a high level overview of the upcoming update to the infotex SIEM. Look for more movies in the coming months informing our Clients, and those just now learning about us, about the SIEM and its features and functions.
Originally produced: April 2021 

The One Test
Movie Short – 6 minutes
Watch Webinar Movie
In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can come into compliance with the ACET. infotex has produced a webinar-movie to give you the basics of how a Security Information and Event Management system, or SIEM, can help your credit union comply with 34 ACET statements you are probably not currently addressing.
Originally produced: April 2021 

ACET Compliance (How a SIEM Helps your Credit Union comply with the ACET)
Webinar-Movie – 21 minutes
Watch Webinar Movie
In 2018 the NCUA started reviewing credit unions with $1 billion or more in assets using a tool known as the Automated Cybersecurity Examination Tool, or ACET. The expansion to smaller credit unions is inevitable. In the new year, credit unions should now think about how they can come into compliance with the ACET. infotex has produced a webinar-movie to give you the basics of how a Security Information and Event Management system, or SIEM, can help your credit union comply with 34 ACET statements you are probably not currently addressing.
Originally produced: March 2021 

R7: 2021’s Top Seven Technology Risks – 2021 Update
Webinar-Movie – 40 minutes
Watch Webinar Movie
What are the top seven risks your board should know about in 2021? This webinar will present the 2021 list in a manner that you can show to your board! (See the 2019 movie on how to present this to your board.) Your auditors want you to start training your board, this movie will help them “see” what most small banks are “seeing” at the board level. More importantly, it will kick the year off in the right fashion, and ensure continued maintenance of your security culture. This is great webinar-video for ISO’s needing material to take into the board meeting!
Originally produced: February 2021 

Technology Planning – 2020 Update
Webinar-Movie – 1 hour
Watch Webinar Movie
The 2020 annual webinar update on the subject includes a review of the previous years’ movies that are already available as well as a panel discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels.
Originally produced: October 2020 

Reinventing Meeting Management
Webinar-Movie – 1 hour
Watch Webinar Movie
In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting management best practices with the traditional practices we have been using throughout our career, so that we make remote meetings more productive and, of course, safe.
Originally produced: December 2020 

Vulnerability Management for Directors
Short- 33 minutes
Watch Webinar Movie
Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
Originally produced: September 2020

Incident Response for Directors
Short- 36 minutes
Watch Webinar Movie
Back by popular demand! You are ready to bring your board on-board . . . the incident response process. Incident Response for Directors is the movie meant to play directly to your Directors. It is the “movie within a movie” from the webinar, called Teaching Incident Response to your Board meant for ISO’s . . . if you have not watched that, you may want to (it includes this movie).
Originally produced: August 2020 

Down n’ Dirty Vendor Management
Webinar Movie- 1 hour
Watch Webinar Movie
One of the highest likelihood attacks we face as community-based banks is the pretext call. Resolving the issue is both difficult and time-consuming. This webinar, which will be the basis of a movie meant for all users, will define the problem, the solution, and (for ISOs) how we can teach our employees to implement the solution. 
Originally produced: July 2020 

The Network Support Provider Review Checklist
Short- 35 minutes
Watch Webinar Movie
Small banks who outsource network support have a conundrum on their hands: How do we ensure proper due diligence on a critical vendor, with possession of information, that cannot afford the standard audit regime? This webinar short attempts to answer that.
Originally produced: June 2020 

The Three Teams of the SIEM Process
Short- 28 minutes
Watch Webinar Movie
You’ve heard it from every MSSP you’ve met: the definition of a SIEM is in the eye of the beholder. But at infotex, we are not talking about the database – an asset whose definition is continuously evolving. We’re talking about the way three teams collaborate in an overall Technology Risk Monitoring process. And whether you use infotex or a different MSSP, this approach will still be in place.
Originally produced: May 2020 

Incident Response Diagramming
Short- 20 minutes
Watch Webinar Movie
With the renewed interest in data flow diagrams we would like to present a type of drawing that would not technically qualify, and yet will bring as much value (if not more) than any data flow diagram: Your incident response process. Using a diagram to illustrate your process helps keep people on the same page during an incident. This is actually the process diagram infotex is using to design our “Incident Response Wizard.”
Originally produced: April 2020 

Diagramming a Mortgage Loan Process in PowerPoint
Short- 20 minutes
Watch Webinar Movie
A question we are often asked: what medium should we use for data flow diagrams? Visio? One of the many free online tools? We are now convinced of the answer. PowerPoint. In this webinar short Dan will explain why.
Originally produced: March 2020 

What the CAT SIEMs to Be: How the infotex SIEM helps you comply with the Cybersecurity Assessment Tool.
Movie and Panel Discussion – 1 hr
Watch Webinar Movie
How does the infotex SIEM helps us comply with the Cybersecurity Assessment Tool? Our auditors are now drilling down on baseline and evolving statements, and we’ve proceeded with an assumption that infotex helps us comply with certain CAT statements. This webinar will help us not only from a compliance perspective, but also a contract management perspective (did the tuning process establish all the controls Dan will be discussing in this webinar?) This webinar may be a bit more technical than normal . . . your network engineer should join you if you’re a CIO type!
Originally produced: February 2020 

Teaching Your Board of Directors
Movie out of a Movie – 50 minutes
Watch Webinar Movie
This webinar is for Information Security Officers who need to “get the board on board!” It walks through the top seven risks community banks face in 2019/2020, from a board perspective, and includes the previous movie (The Board’s Role in Cybersecurity ). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2019. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie.
Originally produced: January 2020

R7: The Board’s Role in Cybersecurity 2020.
Movie Within A Movie – 35 minutes
Watch Webinar Movie
What are the top seven risks your board should know about in 2020? Since his first board presentation in 2000, when Dan presents audit reports to boards of directors, he also talks to the board about the top risks the institution is facing. Since 2006, Dan has been compiling a list of the “top seven risks small institutions are facing,” in preparation for his board presentations. This webinar will present the 2020 list in a manner that you can show to your board! (See the 2019 movie on how to present this to your board.) Your auditors want you to start training your board, this movie will help them “see” what most small banks are “seeing” at the board level. More importantly, it will kick the year off in the right fashion, and ensure continued maintenance of your security culture. A great webinar for ISO’s needing material to take into the board meeting.
Originally produced: Jan 2020

Technology Planning -1:10 minutes
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2019

Teaching Incident Response To Your Board of Directors- 50 minutes
Watch Webinar Movie
You’ve set the policy, created a plan and had that plan audited. You even pulled an incident response tabletop test off! But guess what? None of it will work smoothly if the board isn’t on board! This is the movie to Teaching Incident Response to your Board.
Originally produced: Aug 2019

The Director’s Role in Incident Response-30 minutes
Watch Webinar Movie
You are ready to bring your board on board . . . the incident response process. Incident Response for Directors is the movie meant to play directly to your directors. It is the “movie within a movie” from the webinar, called Teaching Incident Response to your Board meant for ISO’s . . . if you have not watched that, you may want to (it includes this movie).
Originally produced: Aug 2019

Three Cybersecurity Topics for Directors- 45 minutes
Watch Webinar Movie
1) Risk Appetite Statements
2) Vulnerability Management for Directors
3) The Board’s Role in Incident Response
Originally produced: July 2019

Change Management Program- 2hrs 
Watch Webinar Movie
A simplified method for Change Management! (a proposal for small banks)
We all suffer from it: way too much to do, not enough time to do it.
How do we make sure our day-to-day activities comply with policy while also aligning with our technology strategy?
In this webinar, Dan Hadaway, CRISC CISA CISM will propose a simplified method of addressing change management that has been evolving at infotex for more than a decade.
Originally produced: Sep 2019

R-7 : A Superhero’s Guide to 2019-40 minutes
Watch Webinar Movie
This webinar is for Information Security Offices who need to “get the board on board!” It walks through the top seven risks community banks face in 2019/2020, from a board perspective, and includes the previous movie (The Board’s Role in Cybersecurity ). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2019. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie (see previous movie . . . The Board’s Role in Cybersecurity).
Originally produced: Feb 2019

The Board’s Role in Cybersecurity-30 minutes
Watch Webinar Movie
Training for the Board of Directors is hard to conjure up. In this movie, Dan uses his annual R-7 list (see next) as the basis for your 2019 Board of Directors Cyberawareness meeting! For ideas on how to present this to your board, see the next movie (Providing Board Awareness: R-7: A Superhero’s Guide to 2019!
Originally produced: Feb 2019

Simple as it SIEMs for Banks –
Technology Risk Monitoring for Banks (1 hr 30 minutes)
Watch Webinar Movie
At infotex, we define a SIEM as the place where three teams can assemble as one team: the Internal Technical Team, the Incident Response Team, and the Network Monitoring Team (which in our case is infotex, the MSSP.) Our SIEM cross-checks threat intelligence with real-time data from the network, your internal team, and the community. This webinar is a MUST for anybody interested in the infotex SIEM.
Originally produced: Dec 2018

Simple as it SIEMs –
Technology Risk Monitoring for School Cybersecurity Professionals (1 hr 15 minutes)
Watch Webinar Movie
Having worked as the MSSP of choice for several school corporations since 2003, infotex has developed a posture approach that will ensure our number one deliverable:
“Our Clients Sleep at Night.”
Dan will review why a school corporation should be using a SIEM, what a SIEM actually is . . . . and then the fun begins as we walk through a SIEM in action, and discuss tuning processes.
Originally produced: Dec 2018

Testing your SIEM-1hr
Watch Webinar Movie
Given that infotex has been watching networks since 2000, and has been developing a SIEM since 2005, and given that we are IT Auditors, we have a long laundry list of tests for your SIEM
In preparing our talk on SIEMs for the IBA’s Cybersecurity Conference, Dan had a whole section on testing SIEMs that would not make it into the talk. This one hour webinar is that section. Dan will review quality controls you must ensure are in place for your SIEM, and then dive deep into how to test each of those controls.
Originally produced: Nov 2018

Technology Planning-55 minutes
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and we will provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!.
Originally produced: Oct 2018

Down and Dirty Vendor Management
Watch Webinar Movie
Based on what he is finding in reviews of several audits where Clients talked us into accepting shortcuts, Dan will review at least three five seven far-reaching shortcuts (that your auditor and/or examiner MAY agree with).
Originally produced: Jul 2018

Teaching Out of Wallet Questions  
Watch Webinar Movie
One of the highest likelihood attacks we face as community-based banks is the pretext call. Resolving the issue is both difficult and time-consuming. This webinar, which will be the basis of a movie meant for all users, will define the problem, the solution, and (for ISOs) how we can teach our employees to implement the solution. This is another of our Movie Within a Movie Webinars, where the longer webinar is meant to help ISOs understand what to do with the shorter movie (see next.)
Originally produced: Apr 2018

Thirty Minute Version:  Asking Out of Wallet Questions:  The Movie for all Bank Employees 
Watch Webinar Movie
Do you know how to prove a caller is who they say they are, before giving them sensitive information?

Let’s say it another way: Do you know how to identify telephone callers by asking what the regulators call “Out of Wallet Questions?”

This movie is meant to teach all bank employees how to ask Out of Wallet Questions, and why using them is so important to our customers’ financial health

Originally produced: Apr 2018

Unabridged One Hour Version:  Asking Out of Wallet Questions:  The Movie for all Bank Employees
Watch Webinar Movie
Do you know how to prove a caller is who they say they are, before giving them sensitive information?

Let’s say it another way: Do you know how to identify telephone callers by asking what the regulators call “Out of Wallet Questions?”

This movie is meant to teach all bank employees how to ask Out of Wallet Questions, and why using them is so important to our customers’ financial health.

Originally produced: Apr 2018

Providing Board Awareness:  R-7: A Superhero’s Guide to 2018 and Beyond!
Watch Webinar Movie
This webinar is for Information Security Offices who need to “get the board on board!”  It walks through the top seven risks community banks face in 2018/2019, from a board perspective, and includes the previous movie (Cybersecurity for the Board.). Each year Dan and his team assemble a “Top Seven Risks List” which Dan uses in his board presentations. In this webinar, Dan reviews the top risks that information security officers of small financial institutions will be focused on in 2018. This is another example of our “Movie Within A Movie” concept” where the longer webinar is meant to help ISO understand what to do with the shorter movie (see previous movie . . . Cybersecurity for the Board!).
Originally produced: Jan 2018

Cybersecurity for the Board
Watch Webinar Movie
Training for the Board of Directors is hard to conjure up. In this movie, Dan uses his annual R-7 list (see next) as the basis for your 2018 Board of Directors Cyberawareness meeting! For ideas on how to present this to your board, see the next movie (Providing Board Awareness: R-7: A Superhero’s Guide to 2018 and Beyond!)
Originally produced: Jan 2018

Vigilize This! – Cybersanity and the Incident Response Program
Watch Webinar Movie
Dan just found out this webinar is on his birthday, so he’s planning on an “outside-the-box” webinar, Dan (and others if necessary!) will be presenting the Equifax breach using the infotex boilerplate for the Incident Response Log as a framework.
Originally produced: Nov 2017

Technology Planning
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2017

You Asked For It
Contract Review: A Drill-Down for Those Brave Enough!
Watch Webinar Movie
In June we delivered a webinar called “What Do We Tell Those Poor Vendor Owners,” which was about simplifying the vendor management guidance so that your vendor owners can understand the big picture of what needs to happen, and reduced a contract checklist to four basic promises. The movie for that webinar is now available. But after the webinar, we received several requests to “drill down on that contract checklist.” This is that drill down.
Watch Video
Originally produced: Sep 2017

Expected Controls:
How to Review a SOC-1 or Two, Part Two!
Watch Webinar Movie
While the AICPA has been busy updating the SSAE-16 to an SSAE-18, we’ve been busy figuring out how to review the deliverables, regardless of the specifics of the approach taken. And we have one problem with the whole process: how do you know the vendor has tested the controls you would expect. This webinar is a drill-down on “How to Review a SOC-1 or Two.”
Originally produced: Aug 2017

What to Look for in a SIEM
Watch Webinar Movie
You’re needing to find a SIEM and you’re a small organization. You’re jaw still hurts from how hard it hit the ground when you found out how much time and effort goes into setting up your own SIEM. And that was before they gave you the price. And meanwhile, every time you ask a vendor what a SIEM is, you get a different answer. This webinar will try to look at a SIEM from the ground up . . . why it is important to have in place, what the cadillacs can do, what makes sense from adoption philosophy (early majority, later majority, laggard) planning perspectives. And . . . what does it need to do currently for small organizations.
Originally produced: Jul 2017

Four Primary Risk Management Goals of a Contract
Watch Webinar Movie
So you’re in a big hurry and you just want to quickly check if a contract passes muster. While your examiner might not like it, you have decided that you’re going to play the 80/20 rule. You have documented rationale . . . you don’t want to spend too much time in contract review if the assurance review fails, but you have to k now if the contract has basic provisions before you want to spend any time on the assurance review. You realize that your auditors and examiners will want to see a more thorough review if you DO pull the trigger, but you need to break through a chicken/egg regularity with new vendor due diligence: the contract and the assurance. So if, in a down-and-dirty contract review, you could find 80% of what really reduces risk, maybe you can save a lot of time by ignoring the other 20%, which is about 80% of the time it takes to review a contract. This webinar will talk about a prioritized approach to contract review that . . . . warning . . . may not be completely endorsed by your regulator. (But will at least get you to a quick decision as to whether it is worth pursuing the other elements of vendor due diligence.)
Originally produced: Jun 2017

Canaries in a Coal Mine
Watch Webinar Movie
As auditors who also watch networks as an MSSP, we see many leading indicators of breaches. This webinar will review both the “dead birds” . . . phenomena that means you’ve already been hacked . . . and the “sick birds,” phenomena that, if not fixed, will lead to a successful breach in your organization.
Originally produced: Apr 2017

Password Management Controls
Watch Webinar Movie
Authentication . . . one of the most important controls on our network . . . is often undefined, primarily because there is no good starting point. While most of us are big on documented password policies, the technical enforcement of nontechnical password policies remains a mystery to those outside network management. In this free webinar, Dan will review what we should document, what should remain undocumented, ways to address “shared credentials,” and . . .. most importantly, reveal a free boilerplate that will get you started on documenting your own Password Management Procedure.
Originally produced: Mar 2017

Decision Trees as a Training Tool
Watch Webinar Movie
So you’ve assembled your Incident Response Team, you’ve done the Plan Walkthrough, you’ve even tested the team a couple of times with tabletop testing. Now what? Join us for this free webinar as Dan provides a handy training . . . . and if you’re a large institution, planning . . . . tool!
Originally produced: Feb 2017

Insurance Review Iteration #2
Watch Webinar Movie
An unlikely question being placed on the desk of many Information Security Officers: How do you know you are properly insured? Dan will help us answer the question: What questions should be asked when you prepare to transfer risk (acquire Cyber Insurance or other types of Insurance)?
Originally produced: Jan 2017

How to Review the SOC One or Two!
Watch Webinar Movie
How do you know which user control considerations require follow-up? The SSAE-16 Review Checklist helps you organize your approach, make sure it is risk-based, and properly communicate resulting risk from the vendor due diligence process. An excel spreadsheet, this checklist includes all the appropriate questions that must be asked during an SSAE-16 review, with an easy risk ranking metric that will allow you to compare all critical vendors.
Originally produced: Jun 2016

Data Flow Diagramming
Watch Webinar Movie
If you’ve performed your Cybersecurity Assessment you’re probably wondering, “what is this data flow diagramming thing, why have my auditors never asked me for it, and how do I do one for my bank?” Join us as we run down the answers to those three important questions!
Originally produced: Mar 2016

Incident Response in the World of CAT Domains Two, Three and Five
Watch Webinar Movie
Are you through your cybersecurity assessment first iteration and wondering what the heck you’re going to do about a handful of statements related to incident response? Join us for this free one hour webinar that helps connect the dots from what you’re already doing to what you need to do as it comes to baseline and evolving incident response statements.
Originally produced: May 2016

CAT NIP – Drilling Down on the CAT Incident Response Statements
Watch Webinar Movie
So we’ve identified the dozens or so statements, in the Cybersecurity Assessment Tool, that we aren’t proud of. And many of them are about incident response. This webinar will drill down on one of the more prevalent deficiencies with smaller banks:
Testing Your Incident Response Plan
Learn how to fulfill the loose guidance about incident response testing in a manner that delivers value. Deliverables will include templates for a Test Plan, Test Minutes, and Post-mortem review, as well as discussion of sub-scenarios, tabletop test practices, and how to get incident response testing from your existing audit plan.
Originally produced: May 2016

Cyber Insurance – The Questions that You Should Ask When You Transfer Technology Risk!
Watch Webinar Movie
An unlikely question being placed on the desk of many Information Security Officers: How do you know you are properly insured? Dan will help us answer the question: What questions should be asked when you prepare to transfer risk (acquire Cyber Insurance or other types of Insurance)?
Originally produced: Jul 2016

Awareness in All Directions
Watch Webinar Movie
Back to the rest of Technology Risk Management, through IT Governance . . . . whether your most likely threat is cyber or non-technical pretext calling, no matter where the risk falls, the number one control that takes care of everything else is Awareness. A three-sixty summary of Awareness in All Directions . . . Board awareness, so that the entire company stays on the same page. Management awareness, so you ensure appropriate control enforcement. Technical awareness, so you learn mitigation controls to bring unacceptable inherent risk to acceptable (usually low) residual risk. And, of course, User Awareness, so that all users of technology and information enforce user controls. Dan will kickoff a four or five part series about the four corners of awareness in “Awareness in All Directions.”
Originally produced: Aug 2016

Disaster Planning Meets Awareness Training Meets Risk Monitoring
Watch Webinar Movie
Integrating the Technical with the Nontechnical Aspects of incident Response Planning. Case studies back up the need for a monthly Incident Response Team process.
Originally produced: Sep 2016

Technology Planning
Watch Webinar Movie
Our annual webinar on the subject will be focused on a simplified process for small institutions, and provide starting point boilerplates for documentation. Feel free to invite your entire technology committee!
Originally produced: Oct 2016

Training Your Incident Response Team – The CAT MAIT Almanac
Watch Webinar Movie
Start planning for easy ways to Train Your Incident Response Team in 2017. Dan will run through an almanac of CAT statements and suggest how existing guidance can be leveraged.
Originally produced: Nov 2016

Incident Response Testing – What to Expect
Watch Webinar Movie
This presentation is intended for those who are planning to participate in an infotex incident response test. Please let us know what questions you have, when we have our Plan Walkthrough and Test Plan Approval meeting!
Originally produced: May 2017

2020 Jam Cancellation
Watch Video
A short announcing the sad news that the 2020 infotex Jam was cancelled.
Originally produced: May 2017

Legal Disclaimer
Watch Video
All presentations on this page come with this disclaimer!

infotex Audits – What To Expect
Short- 18 minutes
Watch Video
A short that walks Clients and prospective Clients on what to expect during an infotex Audit.
Originally produced: January 2017

Due Diligence Packet Movie
Client Video- 7 minutes
Watch Video
A short video explaining the Due Diligence Packet that we send out to Clients and other customers.
Originally produced: April 2020

You Spoke, We Listened, AGAIN!
Watch Video

 

You Spoke, We Listened 
Watch Video

 

Remote Productivity
Short- 10 minutes
Watch Video
In this ten minute video, Dan answers the question, “how do we know employees are productive when working from home?”
Originally produced: April 2020

infotex SIEM Data Flow Diagram
Feature Video- 5 minutes
Watch Video
In this short video, Michael, our “Envoy from the SIEM”, walks us through how data flows through the current infotex System Information and Event Management system.
Originally produced: April 2020

 

same_strip_012513

Latest Articles
    Another New Leaf
    from Dan’s New Role . . . And note the date! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Once again, I am turning over a new leaf.  Those who have not been following this blog for its full fourteen-year history might not realize […]
    R7-2023
    Top Seven Risks . . . that small bank Information Security Officers face in 2023! When we present audit reports to boards of directors, we also talk to the board about the top risks the institution is facing. Since 2006, we have been compiling a list of the “top seven risks small institutions are facing,” in […]
    “Layers” Awareness Poster
    Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape) You are welcome to print out and distribute this around your […]
    Biden Administration Unveils New Cybersecurity Strategy
    The new plan calls for technology providers, and not end users, to be responsible for security… An article review.  Following multiple high profile cybersecurity incidents in 2021 and 2022 the Biden Administration recently announced new long-term goals for the nation’s cybersecurity, and under the new plan companies that provide technology would carry more of the […]
    R7: 2023’s Top Seven Technology Risks Webinar Registration
    R7: 2023’s Top Seven Technology Risks Webinar-Video What are the top seven risks your board should know about in 2023? Since 2006, Dan has been compiling a list of the “top seven risks small institutions are facing,” in preparation for his board presentations. This webinar will present the 2023 list in a manner that you […]
    Adam Reads: The “Project Management” Guidance Summary
    A new way of helping people “read” new guidance… Look for more in the future! To save you time, we are proud to present “Adam Reads” . . . recorded versions of our Guidance Summaries! Below you can find an embedded player for the audio file. If you are having issues with that working, you […]
    History (and Future) of the infotex Website
    Times they are a-changin’ . . . The infotex website is being updated. You read that right! We are in the process of updating our website from the circa 2013 version we have had for far too long. As the Digital Media Manager for infotex this excites me greatly and I look forward to the […]
    ChatGPT & AI: The Good, The Bad, and The Evil
    A new Team member’s first article! In today’s news cycle, it is difficult to miss all the fuss about AI, or more specifically, ChatGPT. So many differing opinions on the matter can make it hard to decipher what the future looks like. Few people think AI is a gimmick, but not many know the possibilities […]
    NIST Prepares Updates To Cybersecurity Framework
    A draft version of the new framework may be available as early as this summer… An article review. As the cybersecurity landscape is constantly evolving, the tools we use to address risk need to evolve as well–and by this summer we should be getting our first look at planned changes to the NIST cybersecurity framework.  […]
    “Pop-Up Awareness” Awareness Poster
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape) You are welcome to print out and distribute this around your […]
Visit our Security Blog for more