3 min read
How do you communicate cyber risk to management and the board at your organization? Has it been effective? Is everyone on the same page from a risk appetite perspective to the point that there is an agreement in both the current state of risk and...
Read More
1 min read
We've had clients, friends, relatives, etc. ask us what they should do about the recent Equifax breach and the answer is pretty simple: get a credit...
1 min read
In the aftermath of the Equifax breach, everyone should be on high alert for subsequent social engineering attacks. I would expect LOTS of phishing...
I thought this was an interesting article as I've seen some banks struggle with the reporting mechanisms in their SIEM. Something to look at if you...
It's tough to be effective as a CISO if you can't get your message across to other areas of the bank. How you do it is important as well. This video...
This past spring (as of May 1, 2017), the AICPA updated their Service Organization Controls testing standards from the SSAE-16 to SSAE-18.
1 min read
Today's security executives are increasingly expected to possess a strong business acumen in addition to their expertise in managing risk. This means...
