The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today
Bank executive reading the Bedel Security blog on her desktop.

Regulatory Compliance

Bedel Security Friday5 graphic asking what’s in your bank's cybersecurity policy.

2 min read

What’s In Your Policy?

John Freerksen: May 15, 2026

A bank’s information security policy is one of the few documents that directly connects technical risk to executive accountability. Most policies...

Policy Governance Incident Response FFIEC Risk Management Compliance Third-Party Risk Management Regulatory Compliance
Read More
Executives discussing IT and cybersecurity compliance in changing regulatory environment.

2 min read

Changing Regulatory Landscape

Chris Bedel: Feb 20, 2026

Changing Regulatory Landscape: What “Material Financial Risk” Means for IT and Cybersecurity Late in 2025, all three federal banking regulatory...

Regulation Exam Multi-factor Authentication Risk Management Third-Party Risk Management Regulatory Compliance
Read More

2 min read

Case Study: First National Bank of Pulaski

Cade Williams: Jan 8, 2026

Introduction Community banks face a unique challenge: balancing compliance demands with limited resources. As regulators place greater emphasis on...

Risk Assessment vCISO Virtual CISO Banks Community Banking Bedel Security Third-Party Risk Management Regulatory Compliance Regulators IS Program
Read More

2 min read

How to Approach Third Party Reviews

Brian Petzold: Nov 21, 2025

One of the most important processes in cybersecurity for financial institutions today is third-party due diligence. However, it is also one of the...

Information Security Program Vendor Management Risk Assessment Third-Party Due Diligence Regulatory Compliance
Read More

1 min read

Vendor Data Sharing: Why “Need to Know” Is a Must for Financial Institutions

Errica Padgett: Nov 14, 2025

Vendors play a crucial role in helping financial institutions deliver modern, efficient, and client-focused services. But with every data exchange...

Information Security Program Vendor Management GLBA Due Diligence Third-Party Risk Management Regulatory Compliance Data Protection
Read More

2 min read

Measuring Cybersecurity That Matters: KRIs Every Financial Institution Should Track

John Freerksen: Oct 24, 2025

For regulators, auditors, and your board, good cybersecurity isn’t just about having controls in place—it’s about proving they work. That’s where...

Information Security Program Incident Response Credit Unions Risk Management Community Banking KRI Key Risk Indicators Regulatory Compliance NIST-CSF
Read More

2 min read

From Compliance to Confidence

Andrew Hernandez: May 16, 2025

Building a Risk-Based Information Security Program for Community Banks For many community banks, passing a regulatory exam can feel like a victory...

Risk Assessment Cybersecurity Risk Management Regulatory Compliance NIST-CSF
Read More

4 min read

Beyond the CAT: Building on a Foundation That Lasts

Chris Bedel: Apr 18, 2025

Introduction As most bankers know by now, the FFIEC Cybersecurity Assessment Tool (CAT), first released in 2015, will officially sunset on August 31,...

Cybersecurity Assessment Tool CAT FFIEC Risk Management Regulatory Compliance NIST-CSF CAT Replacement
Read More

5 min read

AI Model Risk Management in Financial Institutions

Andrew Hernandez: Mar 20, 2025

Today we’ll discuss our newest and perhaps most ubiquitous buzzword: AI (Artificial Intelligence). Identifying and mitigating risks of AI are...

Information Security Program AI Artificial Intelligence Risk Management DLP Regulatory Compliance
Read More