The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

1 min read

Three Options to Implement Phish Resistant Multi-Factor Authentication

Stephanie Goetz: Mar 17, 2023

Since the pandemic and the rise of work at home, we have become very familiar with Multi-Factor Authentication (MFA). Typically, this is implemented as a One-Time Password (OTP) delivered via an application on a smartphone, phone call, or SMS text.

Controls Remote Access MFA Banks Passwords
Read More

1 min read

Where to start?

Vance Monical: Mar 3, 2023

If you are new to managing cybersecurity for a financial institution, I’m sure you’ll have a lot of questions. More specifically, “Where do I start?”

CISO Information Security Program CISO Services Banks CISO as a service GLBA
Read More

2 min read

The Fiduciary Role of the CISO

Chris Bedel: Feb 24, 2023

A few months ago I was listening to a podcast. The business owner being interviewed wasn't in cybersecurity but had a consulting business. And he...

CISO Cyber Law CISO Services
Read More

2 min read

Should Financial Institutions have a BISO Program?

Stephanie Goetz: Feb 17, 2023

A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing...

Information Security Program Governance Banks Credit Unions
Read More

2 min read

The FDIC InTREX Gets Audited

Brian Petzold: Feb 10, 2023

While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...

Policy Controls Governance FFIEC Access & Authentication Audit Exam GLBA
Read More

2 min read

The 1 Thing You Can Do to Improve Your Cybersecurity Program

Chris Bedel: Jan 27, 2023

Let's use our imaginations for a few minutes.

CISO CISO Services Virtual CISO In-house CISO Banks Culture Audit 3rd party Third-Party
Read More

1 min read

The What, Why, and How of Complementary User Entity Controls

Trisha Durkin: Jan 13, 2023

Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we...

Controls Access Access & Authentication 3rd party Third-Party Passwords Access Reviews
Read More

3 min read

Discussions Triggered from the LastPass Breach

Brian Petzold: Jan 6, 2023

Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...

Risk Threats Controls Cloud Access MFA Access & Authentication Passwords
Read More

1 min read

Board Cyber Awareness

Vance Monical: Dec 30, 2022

Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...

Risk Training Policy Risk Assessment Board of Directors GLBA
Read More

3 min read

Cyber Insurance is Broken. How Do We Fix it?

Chris Bedel: Dec 23, 2022

I've been asked about the state of cyber insurance multiple times over the past couple of months.

Risk Threats Policy Ransomware Cyber insurance
Read More
Prev 13 14 15 16 17 Next