The Bedel Security Blog | Brian Petzold (2)

3 min read

Best Practices to Ace Your Penetration Test

Brian Petzold: Mar 1, 2024

Every institution should have an internal penetration test performed annually. The goal of the penetration test is for the tester to try to gain administrative access to the network. In our experience, good testers can achieve this goal over half...

2 min read

Adding Perspective to Tabletop Exercises

Brian Petzold: Dec 1, 2023

BIA/BCP Culture IT Cyber insurance Cybersecurity Communication Tabletop Test

2 min read

What is a Good Password Length?

Brian Petzold: Oct 13, 2023

We are often asked what length passwords should be. The answer that we give in general is that we would like user passwords to be at least 14...

Risk Passwords Email Risk Management

1 min read

Is Your M365 Conditional Access Unconditional?

Brian Petzold: Sep 1, 2023

As attackers are finding new ways to get around multifactor authentication in Microsoft 365, conditional access is becoming more important....

Policy Remote Access Banks Access Access & Authentication Access Reviews

3 min read

Helping Board Members Sleep at Night

Brian Petzold: Jul 14, 2023

Banks Board of Directors 3rd party Third-Party

2 min read

Reviewing the New Interagency Third-Party Risk Management Guidance

Brian Petzold: Jun 9, 2023

On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing...

Regulation Vendor Management Banks Credit Unions 3rd party Third-Party OCC FDIC

2 min read

Blocking Outbound Communications

Brian Petzold: May 12, 2023

All organizations have (or should have) a firewall that blocks unexpected communications from the Internet to internal network hosts. But what about...

Controls Audit Email