The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Risk Assessment

2 min read

Why the FFIEC CAT Isn’t Your Risk Assessment—And What To Do Instead

Chris Bedel: Jun 13, 2025

With the upcoming sunset of the FFIEC Cybersecurity Assessment Tool (CAT) in less than three months, community banks are beginning to get nervous...

Risk Assessment CAT vCISO Virtual CISO Cybersecurity Risk Management NIST-CSF
Read More

2 min read

From Compliance to Confidence

Andrew Hernandez: May 16, 2025

Building a Risk-Based Information Security Program for Community Banks For many community banks, passing a regulatory exam can feel like a victory...

Risk Assessment Cybersecurity Risk Management Regulatory Compliance NIST-CSF
Read More

2 min read

How Financial Institutions Can Get Ahead of 2025 Cybersecurity Exams

Trisha Durkin: Apr 24, 2025

If you work in a bank or credit union, you already know the expectations have changed. Regulators aren’t just asking whether you have cybersecurity...

Regulation Governance Risk Assessment Incident Response Exam Cybersecurity
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

2 min read

In a World of Emerging Technology, One Truth Remains

Chris Bedel: Feb 28, 2025

Artificial intelligence, quantum computing, cryptocurrency, banking as a service - there’s no shortage of new technology shaking up the financial...

Information Security Program Controls Governance Risk Assessment Audit Risk Management
Read More

2 min read

Five Essential Cybersecurity Tasks to Complete Before Year-End

Stephanie Goetz: Nov 1, 2024

As we approach the end of the year, it's crucial for institutions to ensure their cybersecurity measures are robust and up to date. We typically put...

Information Security Program Risk Assessment Board of Directors Third-Party Penetration Test
Read More

2 min read

The Superpower of Consistency in Cybersecurity

Tony Bushong: Jul 26, 2024

In the ever-evolving world of financial services, where cyber threats are a constant and compliance mandates tighten, the importance of a robust...

Information Security Program Risk Assessment Cybersecurity ISP
Read More

2 min read

Control Assessments Vs. Risk Assessments

Brian Petzold: Jul 19, 2024

When we first start working with new institutions, it is not unusual for us to see them struggling because they have focused their efforts on...

Risk Regulation Controls Risk Assessment Risk Management Control Assessment
Read More

2 min read

The Parallels of Little League Coaching and Managing Cybersecurity Risk in Financial Institutions

Vance Monical: Jun 28, 2024

In the seemingly disparate worlds of coaching little league baseball and managing cybersecurity risk within financial institutions, striking...

Risk Risk Assessment Bedel Security Team Cybersecurity
Read More

1 min read

Enhancing Productivity in Information Security: Small Wins, Big Gains

Tony Bushong: May 24, 2024

In a previous post, we explored the transition from a reactive to a proactive approach in managing an information security program. Building on that,...

Risk Information Security Program Risk Assessment
Read More
1 2 3 Next