by Beth Sumner | Jul 2, 2024 | Community Banking, Financial Institutions, Information Security, IT, Risk, Shadow IT, User Access
In the world of community banking, the landscape of information security and cyber risk management has dramatically evolved. Gone are the days when all servers were in-house, and every application installation involved the IT department. Today, it’s easier than ever...
by Beth Sumner | Mar 12, 2024 | Succession Planning, Cybersecurity, Governance, Information Security Officer, Risk
In today’s world where cyber threats evolve rapidly, the challenge of replacing an Information Security Officer (ISO) underscores a critical issue: the cybersecurity job market is scorching, yet talent is scarce. This gap has turned recruitment into a high-stakes game...
by Beth Sumner | Oct 5, 2023 | Cyber Attack, Cybersecurity, Cybersecurity Awareness Month, Risk, Security, Training
In today’s rapidly evolving digital landscape, financial institutions are under constant threat from cyber adversaries. While policies, security information and event management (SIEM) systems, firewalls, and encryption are indispensable, there’s an...
by Zach Duke | Sep 14, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, User Access
The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and...
by Beth Sumner | Jul 27, 2023 | Cybersecurity, Information Security, Infosec, page-user-access, Reporting, Risk, Risk Assessment, Training, User Access
Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from...
by Finosec | Jun 28, 2022 | 2022, FDIC, Risk
Understanding examiner expectations and knowing how to train your team and board on information security is important. You and your team need to know where the risks are and where regulators are focused based on those risks. The FDIC released a Risk Review in...