The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

1 min read

The What, Why, and How of Complementary User Entity Controls

Trisha Durkin: Jan 13, 2023

Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we often see many institutions either not performing or not documenting these reviews. Let’s breakdown...

Controls Access Access & Authentication 3rd party Third-Party Passwords Access Reviews
Read More

3 min read

Discussions Triggered from the LastPass Breach

Brian Petzold: Jan 6, 2023

Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...

Risk Threats Controls Cloud Access MFA Access & Authentication Passwords
Read More

1 min read

Board Cyber Awareness

Vance Monical: Dec 30, 2022

Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...

Risk Training Policy Risk Assessment Board of Directors GLBA
Read More

3 min read

Cyber Insurance is Broken. How Do We Fix it?

Chris Bedel: Dec 23, 2022

I've been asked about the state of cyber insurance multiple times over the past couple of months.

Risk Threats Policy Ransomware Cyber insurance
Read More

1 min read

Regulators Becoming More Prescriptive

Brian Petzold: Dec 9, 2022

Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial...

Policy Information Security Program Regulation Risk Assessment NYCRR
Read More

2 min read

A Few Things We're Thankful For

Laura Zeck: Nov 25, 2022

For this year's Thanksgiving Friday 5, the Bedel Security team all came together to share five things they are thankful for this holiday season.

Featured
Read More

2 min read

Welcome to the Bedel Security Team Alex & Cory

Laura Zeck: Nov 21, 2022

Virtual CISO
Read More

2 min read

The Risk Based Audit

Chris Bedel: Nov 17, 2022

We have a meeting every Monday morning to do a status update on each of the 40 financial institutions we serve as their virtual Information Security...

Risk Policy Banks Audit IT ISO
Read More

2 min read

Self-Assessing Authentication & Access Risk

Brian Petzold: Nov 4, 2022

A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...

Threats Information Security Program Regulation Risk Assessment CISO Services vCISO Virtual CISO Banks Credit Unions FFIEC Access Access & Authentication CISO as a service Audit 3rd party Third-Party Passwords Access Reviews
Read More

1 min read

Effective User Access Reviews

Vance Monical: Oct 28, 2022

What exactly is a user access review? In its simplest form, this review is a process that certifies that users’ (including vendors’) access within...

CISO Information Security Program Controls CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Access Access & Authentication CISO as a service Audit IT 3rd party Access Reviews
Read More
Prev 10 11 12 13 14 Next