Brian Petzold

Residential neighborhood used to illustrate cybersecurity threats from residential proxy networks.

2 min read

The War on Residential Proxy Networks

Brian Petzold: Feb 6, 2026

Financial institutions have long relied on network‑based controls to keep criminals out of Internet Banking systems and other critical infrastructure. But those controls are becoming less effective as criminals increasingly hide behind residential...

Threats Risk Management Third-Party Risk Management Fraud
Read More

2 min read

How to Approach Third Party Reviews

Brian Petzold: Nov 21, 2025

One of the most important processes in cybersecurity for financial institutions today is third-party due diligence. However, it is also one of the...

Information Security Program Vendor Management Risk Assessment Third-Party Due Diligence Regulatory Compliance
Read More

2 min read

Ransomware Trends in 2025

Brian Petzold: Sep 26, 2025

Back in May 2024, I wrote that there were signs ransomware might finally be on the decline. I have continued to monitor various sources regarding...

Risk Threats Incident Response Ransomware Cybersecurity Banking
Read More

2 min read

Incident Response Theater: Are We Just Playing the Role of Preparedness?

Brian Petzold: Aug 1, 2025

The curtain rises. The scene: a quiet sunny day on the teller line.

Incident Response Tabletop Test Compliance
Read More

2 min read

The Wild, Untamed, and Exciting World of Passkeys

Brian Petzold: May 30, 2025

In today's digital landscape, securing user authentication is more critical than ever. Recently, I explored the benefits of using Yubikeys and...

Access & Authentication Multi-factor Authentication Vulnerability Cybersecurity Risk Management Passkeys
Read More

3 min read

Is it Time to Go Passwordless?

Brian Petzold: Apr 4, 2025

For years, having long and complex passwords has been ingrained in us as a requirement, so it may seem strange to consider eliminating passwords...

vCISO MFA Passwords Multi-factor Authentication Phishing Vulnerability Management Bedel Security
Read More

3 min read

How to Manage Vulnerabilities

Brian Petzold: Feb 14, 2025

Most ransomware gangs gain their foothold in an organization by taking advantage of at least one vulnerability. The vulnerability may be on a user...

Risk Vulnerability Vulnerability Management
Read More

2 min read

Ruminations on the New Dodd-Frank Section 1033 Rule

Brian Petzold: Dec 19, 2024

When the Dodd-Frank Act was passed in 2010, it included Section 1033. This section required the Consumer Financial Protection Bureau (CFPB) to create...

Regulation Governance Third-Party Standard Section 1033 rule Dodd-Frank CFPB
Read More

2 min read

How I Became a vCISO

Brian Petzold: Oct 25, 2024

I have a lot of passion for my role as a Virtual Chief Information Security Officer (vCISO) for financial institutions, and I am always happy to tell...

Information Security Program vCISO Virtual CISO Cybersecurity Banking
Read More

2 min read

The Waning Days of the CAT Arrive

Brian Petzold: Sep 13, 2024

In late August, the FFIEC announced that they would sunset the Cybersecurity Assessment Tool (the “CAT”) on August 31, 2025. It had been apparent for...

Cybersecurity Assessment Tool CAT FFIEC NIST NIST-CSF CAT Replacement
Read More
1 2 3 4 5 Next