by Zach Duke | Nov 25, 2025 | Finosec CAT, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC
Why Inherent Risk Still Matters Even if You’ve Already Chosen Your Framework Many community banks have already selected a cybersecurity framework to replace the FFIEC Cybersecurity Assessment Tool (CAT). NIST CSF 2.0 is one of the most popular choices, and for good...
by Zach Duke | Nov 20, 2025 | Finosec CAT, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC, Financial Institutions, Risk Assessment
After the August 31st sunset of the FFIEC CAT, community banks have either started to transition away or are confirming their plan and evaluating frameworks such as the Cyber Risk Institute (CRI) Profile, NIST Cybersecurity Framework (CSF 2.0), or CIS Controls. Each...
by Zach Duke | Sep 25, 2025 | Vendor Management, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC, Governance, IT, IT Security
With the FFIEC CAT officially sunset on August 2025, banks are rethinking how they manage cybersecurity oversight. But one area that can’t get lost in the shuffle? Vendor management. In fact, third-party risk is getting more scrutiny, not less, under new guidance. The...
by Zach Duke | Jul 24, 2025 | Information Security, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC
With the FFIEC Cybersecurity Assessment Tool (CAT) being sunset, financial institutions are evaluating their next move. Finosec’s modernized Cyber Assessment Tool offers a streamlined alternative that builds on the foundation of your existing work, without starting...
by Zach Duke | Jul 10, 2025 | Cybersecurity Assessment Toolkit, Community Banking, Cybersecurity, FFIEC, Risk Assessment, Toolkit, Uncategorized
With the official sunset of the FFIEC Cybersecurity Assessment Tool (CAT) approaching, banks across the country are asking the same question: “What comes next?” For many institutions, the CAT has long served as the cornerstone of their cybersecurity self-assessment...
by Zach Duke | Jun 26, 2025 | Cybersecurity Assessment Toolkit, Community Banking, Cybersecurity, FFIEC, Uncategorized
One of the most overlooked challenges in cybersecurity governance isn’t the technology itself, it’s the communication. For many institutions, the gap between information security teams and executive leadership can lead to misunderstandings, misalignment, and missed...
