Trisha Durkin

2 min read

5 Simple Steps to a Proactive Information Security Program

Trisha Durkin: Oct 17, 2025

If your Information Security Program feels more like you’re constantly putting out fires than preventing them, you’re not alone. Many community banks and credit unions find themselves in “reactive mode”, always one audit finding, exam comment, or...

Information Security Program Strategic Planning Governance Banks Credit Unions Audit Risk Management Community Banking Proactive Compliance
Read More

2 min read

Why You Need Both an Information Security Risk Assessment and a Framework Self-Assessment

Trisha Durkin: Aug 22, 2025

When it comes to managing cybersecurity risk in community financial institutions, there’s often confusion between two key activities: the Information...

Risk Assessment NIST Risk Management Self Assessment CRI
Read More

2 min read

Beyond the 36-Hour Rule: Real-World Examples You Might Not Know About

Trisha Durkin: Jul 18, 2025

Most community financial institutions are well aware of the 36-hour incident notification rule that went into effect in April 2022. But what’s not...

Incident Response Ransomware Guidance Disaster Recovery
Read More

2 min read

How Financial Institutions Can Get Ahead of 2025 Cybersecurity Exams

Trisha Durkin: Apr 24, 2025

If you work in a bank or credit union, you already know the expectations have changed. Regulators aren’t just asking whether you have cybersecurity...

Regulation Governance Risk Assessment Incident Response Exam Cybersecurity
Read More

2 min read

Understanding RTO, RPO, and MTD and Why It Matters

Trisha Durkin: Mar 7, 2025

When disaster strikes—whether it's a cyberattack, power outage, or natural disaster—community financial institutions must be prepared to restore...

Disaster Recovery Business Continuity
Read More

2 min read

CISA’s Cybersecurity Performance Goals: A New Opportunity for Community Financial Institutions

Trisha Durkin: Jan 16, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) recently released its Cybersecurity Performance Goals (CPGs) Adoption Report,...

CAT Cybersecurity Risk Management CISA CPGs
Read More

2 min read

The Cyber Crystal Ball: What’s in Store for Community Financial Institutions in 2025?

Trisha Durkin: Nov 15, 2024

“2024 was rough; why should 2025 be any different?” This is the mantra heard in many community banks and credit unions as they brace for the next...

Risk Information Security Program Cybersecurity Assessment Tool CAT Banks Credit Unions Ransomware AI Cybersecurity Financial Institution Cloud
Read More

3 min read

Key Risk Indicators: Your Early Warning System for Cyber Threats in Community Financial Institutions

Trisha Durkin: Oct 11, 2024

In the financial world, predicting risk is like forecasting the weather—you need to know the signs of a brewing storm before it hits. For community...

Risk Management KRI Key Risk Indicators
Read More

2 min read

Cracking the GLBA Code: Best Practices for Board Reporting in Financial Institutions

Trisha Durkin: Aug 16, 2024

As an Information Security professional, you know that staying ahead of the regulatory curve is just part of the job. But when it comes to the...

Information Security Program Banks Board of Directors GLBA Financial Institution Gramm-Leach-Bliley Act Banking Community Banking
Read More

2 min read

Don't Forget the Bank Service Company Act

Trisha Durkin: Jun 21, 2024

Let’s discuss an old regulation that seems to be picking up new life in recent regulatory examinations, the Bank Service Company Act (BSCA). This Act...

Policy Regulation Banks Audit Exam Guidance
Read More
1 2 3 Next