Brian Petzold

2 min read

Where Does Managing Aggregator Risk Belong?

Brian Petzold: Aug 5, 2022

A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this guidance is whether a data aggregator needs to be considered a third party by a bank. A data...

Risk CISO Risk Assessment CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Access & Authentication CISO as a service
Read More

2 min read

Confessions of a Professional Worrier

Brian Petzold: Jul 8, 2022

A few weeks ago, in my life outside of cybersecurity, a person said to me: “You are always thinking three steps ahead of the rest of us”. I am not...

Risk CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More
Questions For Your Internet Banking Provider

1 min read

Questions You Should Be Asking Your Internet Banking Provider

Brian Petzold: Apr 21, 2022

Financial institutions are required to regularly assess the authentication controls, security layers, and monitoring of Internet Banking to prepare...

Risk Information Security Program Controls CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More

2 min read

MFA Enrollment Mistakes

Brian Petzold: Apr 8, 2022

Most financial institutions understand the importance of Multifactor Authentication (MFA) in keeping unauthorized parties from gaining access to user...

Risk Threats Policy CISO Information Security Program Remote Access CISO Services vCISO Virtual CISO Outsourced CISO MFA In-house CISO Banks Credit Unions Access
Read More

2 min read

Is Your Risk Assessment Authentication & Access Ready?

Brian Petzold: Jan 21, 2022

In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...

Risk Threats CISO Information Security Program CySPOT Regulation Controls Risk Assessment CISO Services Virtual CISO Outsourced CISO MFA In-house CISO Banks Credit Unions FFIEC Access Access & Authentication
Read More

2 min read

Backups vs. Retention

Brian Petzold: Nov 19, 2021

We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...

Risk Threats CISO Information Security Program Controls Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More

2 min read

Tricky Phish Testing

Brian Petzold: Oct 29, 2021

Phishing remains one of the top threats to organizations today. Every user regularly receives emails designed to trick them into clicking on a link,...

Risk Threats Training Policy Information Security Program CISO Services Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Ransomware
Read More

2 min read

Training Your Board

Brian Petzold: Sep 24, 2021

Being on the board of a financial institution is not easy. Board members are expected to not only be knowledgeable about the operational and...

Training CISO Outsourced CISO Banks Credit Unions Culture Board of Directors
Read More

2 min read

Choosing a Cybersecurity Framework

Brian Petzold: Aug 13, 2021

It is a good practice to identify a cybersecurity framework as part of an institution’s Information Security Program. A framework helps to identify...

Risk CISO Information Security Program Regulation Controls Cybersecurity Assessment Tool CAT CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions
Read More

2 min read

Breaking the SMS Habit

Brian Petzold: Jun 25, 2021

Multifactor Authentication (MFA) is one of the most important controls to block account takeover fraud. There are many different forms of MFA...

Risk Threats Policy CISO Controls Risk Assessment vCISO SMS MFA
Read More
Prev 1 2 3 4 5 Next