by Beth Sumner | Aug 1, 2024 | Community Banking, Employee, Employee Records, Financial Institutions, Information Security, IT, Risk, Security, Terminated Employees, User Access
When I first entered the banking world, user access reviews were much more straightforward. Spreadsheets were used to capture the basics of who had network and core application access. There was a page in each employee’s file listing the keys and codes they had, and...
by Beth Sumner | Jul 2, 2024 | Community Banking, Financial Institutions, Information Security, IT, Risk, Shadow IT, User Access
In the world of community banking, the landscape of information security and cyber risk management has dramatically evolved. Gone are the days when all servers were in-house, and every application installation involved the IT department. Today, it’s easier than ever...
by Beth Sumner | Mar 12, 2024 | Succession Planning, Cybersecurity, Governance, Information Security Officer, Risk
In today’s world where cyber threats evolve rapidly, the challenge of replacing an Information Security Officer (ISO) underscores a critical issue: the cybersecurity job market is scorching, yet talent is scarce. This gap has turned recruitment into a high-stakes game...
by Beth Sumner | Oct 5, 2023 | Cyber Attack, Cybersecurity, Cybersecurity Awareness Month, Risk, Security, Training
In today’s rapidly evolving digital landscape, financial institutions are under constant threat from cyber adversaries. While policies, security information and event management (SIEM) systems, firewalls, and encryption are indispensable, there’s an...
by Zach Duke | Sep 14, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, User Access
The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and...
by Beth Sumner | Jul 27, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, Training, User Access
Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from...
