Brian Petzold

2 min read

Ransomware Trends in 2025

Brian Petzold: Sep 26, 2025

Back in May 2024, I wrote that there were signs ransomware might finally be on the decline. I have continued to monitor various sources regarding this trend, and a year and a half later, the signs still support this: the growth in the number of...

Risk Threats Incident Response Ransomware Cybersecurity Banking
Read More

2 min read

Incident Response Theater: Are We Just Playing the Role of Preparedness?

Brian Petzold: Aug 1, 2025

The curtain rises. The scene: a quiet sunny day on the teller line.

Incident Response Tabletop Test Compliance
Read More

2 min read

The Wild, Untamed, and Exciting World of Passkeys

Brian Petzold: May 30, 2025

In today's digital landscape, securing user authentication is more critical than ever. Recently, I explored the benefits of using Yubikeys and...

Access & Authentication Multi-factor Authentication Vulnerability Cybersecurity Risk Management Passkeys
Read More

3 min read

Is it Time to Go Passwordless?

Brian Petzold: Apr 4, 2025

For years, having long and complex passwords has been ingrained in us as a requirement, so it may seem strange to consider eliminating passwords...

vCISO MFA Passwords Multi-factor Authentication Phishing Vulnerability Management Bedel Security
Read More

3 min read

How to Manage Vulnerabilities

Brian Petzold: Feb 14, 2025

Most ransomware gangs gain their foothold in an organization by taking advantage of at least one vulnerability. The vulnerability may be on a user...

Risk Vulnerability Vulnerability Management
Read More

2 min read

Ruminations on the New Dodd-Frank Section 1033 Rule

Brian Petzold: Dec 19, 2024

When the Dodd-Frank Act was passed in 2010, it included Section 1033. This section required the Consumer Financial Protection Bureau (CFPB) to create...

Regulation Governance Third-Party Standard Section 1033 rule Dodd-Frank CFPB
Read More

2 min read

How I Became a vCISO

Brian Petzold: Oct 25, 2024

I have a lot of passion for my role as a Virtual Chief Information Security Officer (vCISO) for financial institutions, and I am always happy to tell...

Information Security Program vCISO Virtual CISO Cybersecurity Banking
Read More

2 min read

The Waning Days of the CAT Arrive

Brian Petzold: Sep 13, 2024

In late August, the FFIEC announced that they would sunset the Cybersecurity Assessment Tool (the “CAT”) on August 31, 2025. It had been apparent for...

Cybersecurity Assessment Tool CAT FFIEC NIST NIST-CSF CAT Replacement
Read More

2 min read

Control Assessments Vs. Risk Assessments

Brian Petzold: Jul 19, 2024

When we first start working with new institutions, it is not unusual for us to see them struggling because they have focused their efforts on...

Risk Regulation Controls Risk Assessment Risk Management Control Assessment
Read More

2 min read

Is Ransomware Dying?

Brian Petzold: May 17, 2024

In December 2023 the US Justice Department announced that they had disrupted operations of ALPHV/Blackcat, a ransomware group that was responsible...

Risk Threats Ransomware Technology
Read More
1 2 3 4 5 Next