The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Governance

2 min read

Using RACI Charts to Strengthen Risk Management and InfoSec Programs

Jordan Rosiak: May 9, 2025

Without defined roles, critical tasks like policy reviews, incident response, and business continuity planning, or risk assessments can be overlooked...

Information Security Program Governance Risk Management Compliance RACI
Read More

2 min read

How Financial Institutions Can Get Ahead of 2025 Cybersecurity Exams

Trisha Durkin: Apr 24, 2025

If you work in a bank or credit union, you already know the expectations have changed. Regulators aren’t just asking whether you have cybersecurity...

Regulation Governance Risk Assessment Incident Response Exam Cybersecurity
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

2 min read

In a World of Emerging Technology, One Truth Remains

Chris Bedel: Feb 28, 2025

Artificial intelligence, quantum computing, cryptocurrency, banking as a service - there’s no shortage of new technology shaking up the financial...

Information Security Program Controls Governance Risk Assessment Audit Risk Management
Read More

2 min read

Ruminations on the New Dodd-Frank Section 1033 Rule

Brian Petzold: Dec 19, 2024

When the Dodd-Frank Act was passed in 2010, it included Section 1033. This section required the Consumer Financial Protection Bureau (CFPB) to create...

Regulation Governance Third-Party Standard Section 1033 rule Dodd-Frank CFPB
Read More

2 min read

Demystifying Policy, Procedures, and Standards: Understanding the Differences Matters

Trisha Durkin: Aug 4, 2023

In every aspect of life, from managing a company to navigating through traffic, guidelines play a crucial role in maintaining order and achieving...

Policy Information Security Program Governance Standard Procedure
Read More

2 min read

Should Financial Institutions have a BISO Program?

Stephanie Goetz: Feb 17, 2023

A BISO (Business Information Security Officer) is an ombudsman for business lines across an institution. This person is responsible for representing...

Information Security Program Governance Banks Credit Unions
Read More

2 min read

The FDIC InTREX Gets Audited

Brian Petzold: Feb 10, 2023

While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...

Policy Controls Governance FFIEC Access & Authentication Audit Exam GLBA
Read More

1 min read

Outsourcing IT

Vance Monical: Aug 26, 2022

It’s common practice for financial institutions to outsource some or all of their Information Technology (IT) functions to a Managed Service Provider...

Vendor Management Governance Banks IT Outsourcing 3rd party Third-Party
Read More

3 min read

Change, Conflict and Culture

Stephanie Goetz: Jul 15, 2022

We have many institutions either going through or coming out of a large amount of change. It seems like there’s always some new guidance, product, or...

CISO Information Security Program Governance CISO Services vCISO Virtual CISO Outsourced CISO In-house CISO Banks Credit Unions Culture
Read More
1 2 3 Next