John Freerksen

Bank executive reading the Bedel Security blog on her desktop.
Bedel Security Friday5 graphic asking what’s in your bank's cybersecurity policy.

2 min read

What’s In Your Policy?

John Freerksen: May 15, 2026

A bank’s information security policy is one of the few documents that directly connects technical risk to executive accountability. Most policies don’t fail because controls are weak; they fail because leadership is asked to approve something that’s...

Policy Governance Incident Response FFIEC Risk Management Compliance Third-Party Risk Management Regulatory Compliance
Read More
Bedel Security Friday5 graphic on understanding AI bias.

2 min read

Understanding AI Bias

John Freerksen: Mar 6, 2026

Artificial intelligence is transforming financial services—from credit decisions to fraud detection and hiring. However, because AI systems are built...

Governance AI Artificial Intelligence Risk Management Compliance
Read More
Woman with glasses reading off computer screen with the title,

2 min read

What CISA’s Updated CPGs Mean for Financial Institutions

John Freerksen: Jan 9, 2026

CISA’s recent update to the Cybersecurity Performance Goals (CPGs) marks an important evolution in how organizations should approach cyber...

Governance Banks Credit Unions Cybersecurity Financial Institution CISA CPGs
Read More

2 min read

Measuring Cybersecurity That Matters: KRIs Every Financial Institution Should Track

John Freerksen: Oct 24, 2025

For regulators, auditors, and your board, good cybersecurity isn’t just about having controls in place—it’s about proving they work. That’s where...

Information Security Program Incident Response Credit Unions Risk Management Community Banking KRI Key Risk Indicators Regulatory Compliance NIST-CSF
Read More

2 min read

Evaluating Incident Risk Severity Levels in Your Incident Response Plan

John Freerksen: Aug 29, 2025

When a security incident occurs in a financial institution, one of the first and most critical steps is categorization. The speed and accuracy of...

Risk Incident Response Incident Severity Levels
Read More

2 min read

Building Resilience Against Nation-State Actors

John Freerksen: Jul 3, 2025

Given the current international climate, it is critical to maintain vigilant and ongoing monitoring of both cyber and physical threats to the...

Threats Information Security Program Cybersecurity Risk Mitigation Nation-State Actors
Read More

3 min read

Strengthening Cybersecurity with a Single Source of Truth

John Freerksen: May 2, 2025

In the current cybersecurity landscape, organizations generate and rely on vast amounts of data from various tools, systems, and platforms. Without a...

Incident Response Cybersecurity Risk Management Compliance Identity and Access Management
Read More