Jordan Rosiak

Bedel Security Friday5 graphic on building a stronger phishing resilience culture at a community bank.

4 min read

Building a Stronger Phishing Resilience Culture

Jordan Rosiak: Mar 20, 2026

Phishing simulations are nearly universal in community banking. Regulators expect them. Auditors ask about them. Boards see the metrics. Yet despite higher training completion rates and more frequent testing, breach reports continue to start with...

Governance Risk Management Phishing Community Banking Employee Training and Awareness Cybersecurity Awareness Training
Read More
blocks with icons stacked showing an upward arrow trending and the title,

2 min read

Cybersecurity Trends Examiners May Focus on in 2026

Jordan Rosiak: Jan 16, 2026

As financial institutions move into 2026, cybersecurity examinations continue to evolve. Regulators are shifting away from purely checklist-based...

Governance vCISO Cybersecurity Risk Management NIST-CSF Identity and Access Management Regulators Operational Resilience
Read More

3 min read

Managing Bank-wide Change: Why Cybersecurity Should Lead the Conversation

Jordan Rosiak: Oct 31, 2025

Change is a constant in banking. Whether it’s rolling out a new digital banking platform, upgrading your core, or going through a merger, most banks...

Information Security Program Regulation Governance FFIEC Cybersecurity Risk Management Community Banking NIST-CSF Change Management
Read More

3 min read

Cybersecurity is Everyone’s Responsibility in Your Bank

Jordan Rosiak: Sep 5, 2025

When most people think of cybersecurity, they think of firewalls, antivirus software, or maybe the IT department working behind the scenes. While...

Risk Policy Strategic Planning Culture Board of Directors Cybersecurity User Testing and Training
Read More

2 min read

Rising Insider Threats: Causes and Countermeasures

Jordan Rosiak: Jul 11, 2025

Insider threats are becoming an increasingly serious issue for financial institutions, often developing quietly but with potentially severe...

Threats Access & Authentication Third-Party Monitoring & Oversight Insider Threats Social Engineering
Read More

2 min read

Using RACI Charts to Strengthen Risk Management and InfoSec Programs

Jordan Rosiak: May 9, 2025

Without defined roles, critical tasks like policy reviews, incident response, and business continuity planning, or risk assessments can be overlooked...

Information Security Program Governance Risk Management Compliance RACI
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

3 min read

Kingdom Building in Information Security: The Risks of Tool Overload

Jordan Rosiak: Feb 5, 2025

A common theme among financial institutions is the attempt to keep up with the evolving threat landscape through the acquisition of the latest and...

Risk Information Security Program Third-Party Security Tools Third-Party Risk Management
Read More