Several months ago, I wrote a blog on Shadow IT, emphasizing the risks of unapproved software and systems used by employees without the knowledge of the IT department. Shadow IT can lead to significant security vulnerabilities, as it is impossible to protect...
Finosec Tools and Resources to Empower You and Your Team
Finosec BlogTopics
Get notified on new insights from Finosec now!
Be the first to know about new Finosec blogs to grow your knowledge of the cybersecurity governance industry today!Search results for:
Beth Sumner
Challenges of Manual User Access Reviews in Community Financial Institutions
When I first entered the banking world, user access reviews were much more straightforward. Spreadsheets were used to capture the basics of who had network and core application access. There was a page in each employee’s file listing the keys and codes they had, and...
The Hidden Risks of Shadow IT: Why Community Banks Need a Detailed System Inventory
In the world of community banking, the landscape of information security and cyber risk management has dramatically evolved. Gone are the days when all servers were in-house, and every application installation involved the IT department. Today, it’s easier than ever for a Compliance Officer to sign off on a new software tool to manage Reg DD challenges or for a Loan Officer to adopt a cloud solution to improve customer acceptance rates.
Embracing AI: A Quick Start Guide for Community Financial Institutions
Recently, I had the privilege of speaking to a group of bankers at the ICBA Live conference. When I asked who was using AI, only a few hands went up. Then I asked how many had policies forbidding AI usage, and several more hands were raised. This brought us to an interesting realization: those banks were inadvertently in violation of their own policies. AI isn’t new—it’s been enhancing our industry for years, especially in cybersecurity and fraud detection.
Succession Planning: Essential for Sustaining Information Security
In today’s world where cyber threats evolve rapidly, the challenge of replacing an Information Security Officer (ISO) underscores a critical issue: the cybersecurity job market is scorching, yet talent is scarce. This gap has turned recruitment into a high-stakes game for financial institutions, where the departure of an ISO exposes vulnerabilities and regulatory risks. With remote work expanding the competition for skilled professionals, the importance of strategic succession planning has never been more acute, ensuring that institutions remain fortified even in the face of staffing changes.
Simplifying Identity and Access Management: A Guide for Financial Institution Executives
In the rapidly evolving landscape of banking technology and cybersecurity, understanding and implementing effective Identity and Access Management (IAM) strategies is more crucial than ever. Yet, we understand that delving into the complexities of IAM can be daunting. Our goal is to unpack this crucial matter into straightforward and practical measures.
Understanding R-SAT v2.0 – A Practical Guide for Information Security Officers: Part 3 of a 3 Part Series
Fostering a Culture of Security Through Education and Oversight As we wrap up our informative series based on the R-SAT v2.0 insights, we highlight not only the tactical applications of cybersecurity but also the strategic importance of cultivating a robust security...
Understanding R-SAT v2.0 – A Practical Guide for Information Security Officers: Part 2 of a 3 Part Series
Introduction: Streamlining Data Management in Cybersecurity Continuing our initial discussion in the 3-part series from the R-SAT v2.0, we turn to the core of data protection: data management. As an Information Security Officer, your role is pivotal in safeguarding...
Understanding R-SAT v2.0 – A Practical Guide for Information Security Officers: Part 1 of a 3 Part Series
Welcome to the first installment of our in-depth three-part series, building upon our November 14th webinar on the new Ransomware Self-Assessment tool (R-SAT v2.0). The new R-SAT was released by the Conference of State Bank Supervisors in mid/late October.
The Human Firewall: The First and Final Defense for Financial Institutions
What do you need to have an effective training program for cybersecurity training? Learn more in our blog.