by Zach Duke | Oct 23, 2025 | Vendor Management, Community Banking, Cybersecurity, Information Security, IT, IT Security
In today’s banking landscape, risk doesn’t just come from inside the building. Third-party vendors are now central to how financial institutions operate. They provide everything from core processing to cybersecurity tools. But with that reliance comes responsibility....
by Zach Duke | Oct 9, 2025 | Community Banking, Cybersecurity, Information Security, IT Security, Risk Management, Vendor Management
Information Security Officers wear a lot of hats: compliance coordinator, risk watchdog, IT translator, and sometimes the voice of reason in a room full of competing priorities. One of the toughest challenges? Convincing senior leadership that vendor management...
by Zach Duke | Sep 25, 2025 | Vendor Management, Community Banking, Cybersecurity, Cybersecurity Assessment Toolkit, FFIEC, Governance, IT, IT Security
With the FFIEC CAT officially sunset on August 2025, banks are rethinking how they manage cybersecurity oversight. But one area that can’t get lost in the shuffle? Vendor management. In fact, third-party risk is getting more scrutiny, not less, under new guidance. The...
by Zach Duke | Jun 12, 2025 | Governance, AI, AI Governance, AI Tools, Community Banking, Cybersecurity, Information Security, Information Security Governance, IT, IT Security, Security
Spreadsheets have long been the go-to tool for tracking and managing information security tasks. They’re familiar, flexible, and easy to share. But in today’s rapidly evolving landscape, where efficiency; compliance; and innovation are key, relying on...
by Zach Duke | May 29, 2025 | PII Assessment, Banking, Community Banking, Cybersecurity, Governance, IT, Risk Assessment, User Access
Managing third-party risk, performing access reviews, and completing risk assessments are foundational elements of a sound information security program, especially in the banking industry. But these processes often rely on fragmented, outdated tools like spreadsheets....
by Zach Duke | May 15, 2025 | Cybersecurity Assessment Toolkit, Community Banking, Cybersecurity, IT, Toolkit, Uncategorized
It’s been a decade since the Cybersecurity Assessment Toolkit (CAT) was first introduced. For many institutions, especially community banks, it has become a familiar part of their cybersecurity routine. But with the recent decision by regulators to sunset the toolkit...
