The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Bank executive reading the Bedel Security blog on her desktop.

Governance

Bedel Security Friday5 graphic asking what’s in your bank's cybersecurity policy.

2 min read

What’s In Your Policy?

John Freerksen: May 15, 2026

A bank’s information security policy is one of the few documents that directly connects technical risk to executive accountability. Most policies...

Policy Governance Incident Response FFIEC Risk Management Compliance Third-Party Risk Management Regulatory Compliance

Bedel Security Friday5 graphic on challenges moving from FFIEC CAT to NIST CSF.

3 min read

Why These NIST CSF Outcomes Can Be Challenging

Trisha Durkin: May 8, 2026

Why These NIST CSF Outcomes Can Be Challenging When Moving from the FFIEC CAT For more than a decade, the Federal Financial Institutions Examination...

Governance Cybersecurity Assessment Tool Cybersecurity Third-Party Risk Management NIST-CSF CAT Replacement CySPOT® CSF+ Supply Chain Risk

Bedel Security Friday5 graphic on identity as the new perimeter in cybersecurity.

2 min read

Identity Is the New Perimeter

Andrew Hernandez: Mar 27, 2026

For years, cybersecurity strategies were built around a clear boundary: the network perimeter. Firewalls, intrusion detection systems, and network...

Governance Access & Authentication Zero Trust NIST-CSF Identity and Access Management

4 min read

Building a Stronger Phishing Resilience Culture

Jordan Rosiak: Mar 20, 2026

Phishing simulations are nearly universal in community banking. Regulators expect them. Auditors ask about them. Boards see the metrics. Yet despite...

Governance Risk Management Phishing Community Banking Employee Training and Awareness Cybersecurity Awareness Training

2 min read

Understanding AI Bias

John Freerksen: Mar 6, 2026

Artificial intelligence is transforming financial services—from credit decisions to fraud detection and hiring. However, because AI systems are built...

Governance AI Artificial Intelligence Risk Management Compliance

3 min read

Managing Cybersecurity with Limited Resources

Trisha Durkin: Feb 27, 2026

If you’re a community bank or credit union, “limited resources” isn’t a temporary condition; it’s your operating model.

Threats Governance Incident Response NIST Cybersecurity Risk Management Tabletop Test Third-Party Risk Management

Audience attending a cybersecurity presentation, illustrating why cyber hygiene and CSBS Cyber Hygiene Fundamentals matter for financial institutions.

1 min read

Cyber Hygiene Isn’t Optional

Errica Padgett: Jan 30, 2026

Why the CSBS Cyber Hygiene Fundamentals Matter Now

Information Security Program Governance Cybersecurity Third-Party Risk Management cyber hygiene

Team of professionals working at computers in a modern office, representing internal cybersecurity risk and governance for community banks

3 min read

Internal vs. External Cyber Threats

Andrew Hernandez: Jan 23, 2026

Internal vs. External Cyber Threats: Why Internal Risk Defines Cybersecurity Outcomes for Community Banks

Threats Governance Access Reviews Zero Trust NIST-CSF Insider Threats

blocks with icons stacked showing an upward arrow trending and the title,

2 min read

Cybersecurity Trends Examiners May Focus on in 2026

Jordan Rosiak: Jan 16, 2026

As financial institutions move into 2026, cybersecurity examinations continue to evolve. Regulators are shifting away from purely checklist-based...

Governance vCISO Cybersecurity Risk Management NIST-CSF Identity and Access Management Regulators Operational Resilience

Woman with glasses reading off computer screen with the title,

2 min read

What CISA’s Updated CPGs Mean for Financial Institutions

John Freerksen: Jan 9, 2026

CISA’s recent update to the Cybersecurity Performance Goals (CPGs) marks an important evolution in how organizations should approach cyber...

Governance Banks Credit Unions Cybersecurity Financial Institution CISA CPGs

1 2 3 4 Next