3 min read
The New ISO’s Playbook: Understanding Effective Security Policies
If you've found yourself in the role of a new Information Security Officer (ISO), then welcome to the intricate world of finance, where cybersecurity...
Risk Assessment (2)
2 min read
4 Steps to Strengthen Your Cybersecurity Program in 2024
As we get ready to usher in the new year, it's essential to assess and enhance your cybersecurity program. Let’s explore four key strategies to...
3 min read
5 Steps to Utilizing Key Controls
Recently we’ve received a number of requests for “Key Controls” from auditors or examiners for the financial institutions we work with. Fortunately,...
1 min read
Board Cyber Awareness
Over the next few months, Information Security leaders will be presenting their annual security update to the Board as required by the Gramm Leach...
1 min read
Regulators Becoming More Prescriptive
Recently, the New York Department of Financial Services (“DFS”) released a proposed update to its 2017 “Cybersecurity Requirements for Financial...
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
2 min read
Charging Dr. Ransomware
Moises Luis Zagala Gonzalez, a 55-year-old Venezuelan cardiologist, has been charged with developing the Jigsaw v.2 and Thanos ransomware strains,...
2 min read
Where Does Managing Aggregator Risk Belong?
A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Keep an Eye on API Security
Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or...