The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Regulatory Compliance

2 min read

How to Approach Third Party Reviews

Brian Petzold: Nov 21, 2025

One of the most important processes in cybersecurity for financial institutions today is third-party due diligence. However, it is also one of the...

Information Security Program Vendor Management Risk Assessment Third-Party Due Diligence Regulatory Compliance

1 min read

Vendor Data Sharing: Why “Need to Know” Is a Must for Financial Institutions

Errica Padgett: Nov 14, 2025

Vendors play a crucial role in helping financial institutions deliver modern, efficient, and client-focused services. But with every data exchange...

Information Security Program Vendor Management GLBA Due Diligence Third-Party Risk Management Regulatory Compliance Data Protection

2 min read

Measuring Cybersecurity That Matters: KRIs Every Financial Institution Should Track

John Freerksen: Oct 24, 2025

For regulators, auditors, and your board, good cybersecurity isn’t just about having controls in place—it’s about proving they work. That’s where...

Information Security Program Incident Response Credit Unions Risk Management Community Banking KRI Key Risk Indicators Regulatory Compliance NIST-CSF

2 min read

From Compliance to Confidence

Andrew Hernandez: May 16, 2025

Building a Risk-Based Information Security Program for Community Banks For many community banks, passing a regulatory exam can feel like a victory...

Risk Assessment Cybersecurity Risk Management Regulatory Compliance NIST-CSF

4 min read

Beyond the CAT: Building on a Foundation That Lasts

Chris Bedel: Apr 18, 2025

Introduction As most bankers know by now, the FFIEC Cybersecurity Assessment Tool (CAT), first released in 2015, will officially sunset on August 31,...

Cybersecurity Assessment Tool CAT FFIEC Risk Management Regulatory Compliance NIST-CSF CAT Replacement

5 min read

AI Model Risk Management in Financial Institutions

Andrew Hernandez: Mar 20, 2025

Today we’ll discuss our newest and perhaps most ubiquitous buzzword: AI (Artificial Intelligence). Identifying and mitigating risks of AI are...

Information Security Program AI Artificial Intelligence Risk Management DLP Regulatory Compliance