by Zach Duke | Jul 24, 2025 | Information Security, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC
With the FFIEC Cybersecurity Assessment Tool (CAT) being sunset, financial institutions are evaluating their next move. Finosec’s modernized Cyber Assessment Tool offers a streamlined alternative that builds on the foundation of your existing work, without starting...
by Zach Duke | Jul 10, 2025 | Cybersecurity Assessment Toolkit, Community Banking, Cybersecurity, FFIEC, Risk Assessment, Toolkit, Uncategorized
With the official sunset of the FFIEC Cybersecurity Assessment Tool (CAT) approaching, banks across the country are asking the same question: “What comes next?” For many institutions, the CAT has long served as the cornerstone of their cybersecurity self-assessment...
by Zach Duke | Jun 26, 2025 | Cybersecurity Assessment Toolkit, Community Banking, Cybersecurity, FFIEC, Uncategorized
One of the most overlooked challenges in cybersecurity governance isn’t the technology itself, it’s the communication. For many institutions, the gap between information security teams and executive leadership can lead to misunderstandings, misalignment, and missed...
by Zach Duke | Dec 17, 2024 | Access Mangement, Community Banking, Cybersecurity, FDICIA, FFIEC, Information Security, IT, User Access
For financial institutions subject to FDICIA, the Federal Deposit Insurance Corporation Improvement Act, the annual management attestation is a critical declaration of compliance. It signifies that the institution’s internal controls over financial reporting (ICFR)...
by Zach Duke | Nov 25, 2024 | Access Mangement, FFIEC, Information Security, IT, IT Security, Regulatory, User Access
Access management is a critical component of cybersecurity and compliance, especially for financial institutions where security expectations are paramount. The challenges surrounding permissions management, particularly during user access reviews, are increasing due...
by Beth Sumner | Oct 30, 2024 | User Access, Community Banking, Cybersecurity, FFIEC, IT
With all eyes focused on AI regulations and the sunset of the Cybersecurity Assessment Tool (CAT), the recently released FFIEC Development, Acquisition, and Maintenance (DA&M) has almost slid under the radar. However, this new booklet is a complete rewrite...
