The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

2 min read

5 Simple Steps to a Proactive Information Security Program

Trisha Durkin: Oct 17, 2025

If your Information Security Program feels more like you’re constantly putting out fires than preventing them, you’re not alone. Many community banks and credit unions find themselves in “reactive mode”, always one audit finding, exam comment, or...

Information Security Program Strategic Planning Governance Banks Credit Unions Audit Risk Management Community Banking Proactive Compliance
Read More

2 min read

Moving from the CAT to CSF: A More Strategic Path for Community Financial Institutions

Chris Bedel: Oct 10, 2025

Cybersecurity Assessment Tool CAT FFIEC Banking NIST-CSF CAT Replacement
Read More

1 min read

Congratulations, Cory Poupore, CISSP, vCISO Senior Advisor!

Laura Zeck: Oct 7, 2025

vCISO Virtual CISO Bedel Security Team
Read More

2 min read

Think outside the Inbox: Combating Modern Social Engineering Threats

Stephanie Goetz: Oct 3, 2025

Social engineering attacks have long been a critical concern for institutions, with email-based phishing dominating headlines and incident reports....

SMS User Testing and Training Vishing Cybersecurity Awareness Training Social Engineering Smishing
Read More

2 min read

Ransomware Trends in 2025

Brian Petzold: Sep 26, 2025

Back in May 2024, I wrote that there were signs ransomware might finally be on the decline. I have continued to monitor various sources regarding...

Risk Threats Incident Response Ransomware Cybersecurity Banking
Read More

1 min read

Bedel Security Announces CAT Replacement: CySPOT® CSF+ Built on NIST CSF 2.0

Laura Zeck: Sep 23, 2025

Introduction When the FFIEC held its webinar to announce the sunsetting of the CAT, they were adamant about the NIST-CSF being the "Rosetta Stone"...

CySPOT Cybersecurity Assessment Tool CAT FFIEC NIST Cybersecurity CAT Replacement
Read More

1 min read

A Strong Defense Wins Championships—and Protects Your Data

Errica Padgett: Sep 19, 2025

In football, it’s often said that defense wins championships. The same principle applies to information security: the strength of your defensive...

Threats Information Security Program Incident Response Risk Management NIST-CSF Data Protection
Read More

2 min read

Cracking Codes and Crushing Rocks: What Geology Can Teach Us About Cryptography

Andrew Hernandez: Sep 12, 2025

At first glance, geology and cryptography may seem worlds apart—one is the study of rocks, layers, and the passage of deep time; the other, the...

Threats Information Security Program Cybersecurity Encryption Cryptography
Read More

3 min read

Cybersecurity is Everyone’s Responsibility in Your Bank

Jordan Rosiak: Sep 5, 2025

When most people think of cybersecurity, they think of firewalls, antivirus software, or maybe the IT department working behind the scenes. While...

Risk Policy Strategic Planning Culture Board of Directors Cybersecurity User Testing and Training
Read More

2 min read

Evaluating Incident Risk Severity Levels in Your Incident Response Plan

John Freerksen: Aug 29, 2025

When a security incident occurs in a financial institution, one of the first and most critical steps is categorization. The speed and accuracy of...

Risk Incident Response Incident Severity Levels
Read More
1 2 3 4 5 Next