In our line of work, we see many institutions’ environments, cultures, and positions on the journey of their information security programs. One of the most common pitfalls is the belief that a...
Stephanie Goetz
Recent Posts
Hybrid Work Force Security
by Stephanie Goetz | May 14, 2021
There’s yet another debate growing post-COVID. It’s not vaccinations, masks, or whether it’s safe to eat at a restaurant; it’s when and how much workers will return to the office. In considering the...
Five Tips for Tough Days as a (C)ISO
by Stephanie Goetz | Apr 2, 2021
Information Security leadership can be a tough spot. We are agents of almost constant change in order to combat threats that no one can see. Threats that often don’t show evidence of their...
Considerations for Securing Online Meeting Software
by Stephanie Goetz | Mar 19, 2021
It’s safe to say that remote work is here to stay. While we are on the verge of opening back up after COVID, people have loved the flexibility that remote work provides and perhaps there’s no going...
Qakbot Malware
by Stephanie Goetz | Feb 12, 2021
Qakbot (also known as Quakbot or Qbot) is a malware strain that has been used to attack financial institutions since 2008. Its primary target is stealing bank credentials in order to enable wire...
SolarWinds: What do we know so far?
by Stephanie Goetz | Jan 8, 2021
Unless you had a really secluded and long holiday vacation, you’ve probably heard about the SolarWinds breach and how it has affected many US industries including financial institutions and their...
Does your Change Management Process Need a Conversion?
by Stephanie Goetz | Dec 4, 2020
We are seeing findings related to change management cropping up in several audit reports this year. Appropriately scoping change management can be tricky in smaller financial institutions which do...
The Scare of Miscellaneous Errors
by Stephanie Goetz | Oct 30, 2020
We’ve all heard about the latest big vulnerabilities, end of life software or compromised passwords as the cause of breaches. However, another pattern is emerging for the financial and insurance...
CISA's Ransomware Guide Takeaways
by Stephanie Goetz | Oct 9, 2020
Ransomware has become more common in the past year with the hackers constantly changing tactics, such as moving from infecting backups to deleting them altogether and evolving ransomware variants....
The Most Underrated Control in Information Security
by Stephanie Goetz | Sep 11, 2020
The access review is the most underrated control in the Information Security Officer’s toolkit. We hear so much about threat intelligence, vulnerability management, and fancy tools that monitor this...