2 min read
What is a Good Password Length?
We are often asked what length passwords should be. The answer that we give in general is that we would like user passwords to be at least 14...
1 min read
Is Your M365 Conditional Access Unconditional?
As attackers are finding new ways to get around multifactor authentication in Microsoft 365, conditional access is becoming more important....
2 min read
Reviewing the New Interagency Third-Party Risk Management Guidance
On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing...
2 min read
Blocking Outbound Communications
All organizations have (or should have) a firewall that blocks unexpected communications from the Internet to internal network hosts. But what about...
2 min read
The FDIC InTREX Gets Audited
While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...
3 min read
Discussions Triggered from the LastPass Breach
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...
1 min read
Regulators Becoming More Prescriptive
Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial...
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...