The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Audit

2 min read

5 Simple Steps to a Proactive Information Security Program

Trisha Durkin: Oct 17, 2025

If your Information Security Program feels more like you’re constantly putting out fires than preventing them, you’re not alone. Many community banks...

Information Security Program Strategic Planning Governance Banks Credit Unions Audit Risk Management Community Banking Proactive Compliance
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

2 min read

In a World of Emerging Technology, One Truth Remains

Chris Bedel: Feb 28, 2025

Artificial intelligence, quantum computing, cryptocurrency, banking as a service - there’s no shortage of new technology shaking up the financial...

Information Security Program Controls Governance Risk Assessment Audit Risk Management
Read More

2 min read

Protecting Against AI-Driven Cyber Threats

Errica Padgett: Oct 18, 2024

From phishing scams to ransomware, cybercriminals are increasingly using AI to launch more sophisticated, faster, and harder-to-detect attacks. To...

Threats Audit Zero Trust AI User Testing and Training Vulnerability Management Cyber Employee Training and Awareness
Read More

2 min read

Don't Forget the Bank Service Company Act

Trisha Durkin: Jun 21, 2024

Let’s discuss an old regulation that seems to be picking up new life in recent regulatory examinations, the Bank Service Company Act (BSCA). This Act...

Policy Regulation Banks Audit Exam Guidance
Read More

2 min read

Fortifying the Vault: Unveiling Data Protection Strategies for Financial Institutions

Trisha Durkin: Feb 2, 2024

Welcome to the high-stakes world of banking, where every transaction is a delicate dance of digits, and the protection of sensitive data is...

Access Audit Endpoint Financial Institution Encryption secure
Read More

2 min read

Why Regular Security Audits and Penetration Testing Are Your Best 'Cyber Insurance' Policy

Trisha Durkin: Nov 3, 2023

In the ever-evolving world of finance, where digital transactions and data management reign supreme, security isn't a luxury; it's a necessity. But...

Threats Audit Cyber insurance Penetration Test
Read More

2 min read

Blocking Outbound Communications

Brian Petzold: May 12, 2023

All organizations have (or should have) a firewall that blocks unexpected communications from the Internet to internal network hosts. But what about...

Controls Audit Email
Read More

2 min read

The FDIC InTREX Gets Audited

Brian Petzold: Feb 10, 2023

While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...

Policy Controls Governance FFIEC Access & Authentication Audit Exam GLBA
Read More

2 min read

The 1 Thing You Can Do to Improve Your Cybersecurity Program

Chris Bedel: Jan 27, 2023

Let's use our imaginations for a few minutes.

CISO CISO Services Virtual CISO In-house CISO Banks Culture Audit 3rd party Third-Party
Read More
1 2 Next