by Zach Duke | Mar 26, 2025 | Access Mangement, Community Banking, Cybersecurity, IT, IT Security
For Financial Institutions, ensuring secure and efficient access management is a top priority. Protecting sensitive financial data, maintaining regulatory compliance, and preventing unauthorized access are critical responsibilities. However, many institutions still...
by Zach Duke | Feb 21, 2025 | Cybersecurity, Community Banking, Cybersecurity Assessment Toolkit, IT, IT Security, Regulatory, Risk, Risk Assessment, Risk Management
The Risks of Spreadsheets in Cybersecurity and Why It’s Time to Move On As regulators phase out legacy tools like the Cybersecurity Assessment Toolkit (CAT), it’s the perfect opportunity for institutions to rethink their approaches to governance and risk management....
by Zach Duke | Jan 24, 2025 | Information Security, Community Banking, Cybersecurity, IT, IT Security, Risk Management
In the world of cybersecurity and third-party risk management, spreadsheets have become a popular tool. Institutions often use them for tasks such as tracking exceptions from audits, managing access rights, and conducting risk assessments. Despite their frequency of...
by Zach Duke | Nov 25, 2024 | Access Mangement, FFIEC, Information Security, IT, IT Security, Regulatory, User Access
Access management is a critical component of cybersecurity and compliance, especially for financial institutions where security expectations are paramount. The challenges surrounding permissions management, particularly during user access reviews, are increasing due...
by Zach Duke | Nov 7, 2024 | Risk Management, Community Banking, Cybersecurity, IT, IT Security, Uncategorized, User Access
As highlighted in a recent article from the Federal Reserve, managing third-party relationships and the access associated with those relationships is a critical component of Third-Party Risk Management (TPRM). The associated access third party vendors have to banking...
by Beth Sumner | Sep 12, 2024 | AI, Community Banking, Financial Institutions, IT, IT Security
Several months ago, I wrote a blog on Shadow IT, emphasizing the risks of unapproved software and systems used by employees without the knowledge of the IT department. Shadow IT can lead to significant security vulnerabilities, as it is impossible to protect...
