The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Risk Assessment

2 min read

How to Approach Third Party Reviews

Brian Petzold: Nov 21, 2025

One of the most important processes in cybersecurity for financial institutions today is third-party due diligence. However, it is also one of the...

Information Security Program Vendor Management Risk Assessment Third-Party Due Diligence Regulatory Compliance
Read More

2 min read

Why You Need Both an Information Security Risk Assessment and a Framework Self-Assessment

Trisha Durkin: Aug 22, 2025

When it comes to managing cybersecurity risk in community financial institutions, there’s often confusion between two key activities: the Information...

Risk Assessment NIST Risk Management Self Assessment CRI
Read More

2 min read

Why the FFIEC CAT Isn’t Your Risk Assessment—And What To Do Instead

Chris Bedel: Jun 13, 2025

With the upcoming sunset of the FFIEC Cybersecurity Assessment Tool (CAT) in less than three months, community banks are beginning to get nervous...

Risk Assessment Cybersecurity Assessment Tool CAT vCISO Virtual CISO Cybersecurity Risk Management NIST-CSF CAT Replacement
Read More

2 min read

From Compliance to Confidence

Andrew Hernandez: May 16, 2025

Building a Risk-Based Information Security Program for Community Banks For many community banks, passing a regulatory exam can feel like a victory...

Risk Assessment Cybersecurity Risk Management Regulatory Compliance NIST-CSF
Read More

2 min read

How Financial Institutions Can Get Ahead of 2025 Cybersecurity Exams

Trisha Durkin: Apr 24, 2025

If you work in a bank or credit union, you already know the expectations have changed. Regulators aren’t just asking whether you have cybersecurity...

Regulation Governance Risk Assessment Incident Response Exam Cybersecurity
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

2 min read

In a World of Emerging Technology, One Truth Remains

Chris Bedel: Feb 28, 2025

Artificial intelligence, quantum computing, cryptocurrency, banking as a service - there’s no shortage of new technology shaking up the financial...

Information Security Program Controls Governance Risk Assessment Audit Risk Management
Read More

2 min read

Five Essential Cybersecurity Tasks to Complete Before Year-End

Stephanie Goetz: Nov 1, 2024

As we approach the end of the year, it's crucial for institutions to ensure their cybersecurity measures are robust and up to date. We typically put...

Information Security Program Risk Assessment Board of Directors Third-Party Penetration Test
Read More

2 min read

The Superpower of Consistency in Cybersecurity

Tony Bushong: Jul 26, 2024

In the ever-evolving world of financial services, where cyber threats are a constant and compliance mandates tighten, the importance of a robust...

Information Security Program Risk Assessment Cybersecurity ISP
Read More

2 min read

Control Assessments Vs. Risk Assessments

Brian Petzold: Jul 19, 2024

When we first start working with new institutions, it is not unusual for us to see them struggling because they have focused their efforts on...

Risk Regulation Controls Risk Assessment Risk Management Control Assessment
Read More
1 2 3 Next