The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Risk Management

2 min read

5 Simple Steps to a Proactive Information Security Program

Trisha Durkin: Oct 17, 2025

If your Information Security Program feels more like you’re constantly putting out fires than preventing them, you’re not alone. Many community banks...

Information Security Program Strategic Planning Governance Banks Credit Unions Audit Risk Management Community Banking Proactive Compliance
Read More

1 min read

A Strong Defense Wins Championships—and Protects Your Data

Errica Padgett: Sep 19, 2025

In football, it’s often said that defense wins championships. The same principle applies to information security: the strength of your defensive...

Threats Information Security Program Incident Response Risk Management NIST-CSF Data Protection
Read More

2 min read

Why You Need Both an Information Security Risk Assessment and a Framework Self-Assessment

Trisha Durkin: Aug 22, 2025

When it comes to managing cybersecurity risk in community financial institutions, there’s often confusion between two key activities: the Information...

Risk Assessment NIST Risk Management Self Assessment CRI
Read More

2 min read

Why We Built The BaaS Risk Checklist (And What We’re Hoping to Learn)

Chris Bedel: Jul 25, 2025

Over the past year, I’ve had more than a few community bank leaders ask me the same question: “How can we explore innovation without putting the bank...

Risk Management BaaS Banking as a Service Community Banking Risk Mitigation Innovation
Read More

2 min read

Why the FFIEC CAT Isn’t Your Risk Assessment—And What To Do Instead

Chris Bedel: Jun 13, 2025

With the upcoming sunset of the FFIEC Cybersecurity Assessment Tool (CAT) in less than three months, community banks are beginning to get nervous...

Risk Assessment Cybersecurity Assessment Tool CAT vCISO Virtual CISO Cybersecurity Risk Management NIST-CSF CAT Replacement
Read More

2 min read

The Wild, Untamed, and Exciting World of Passkeys

Brian Petzold: May 30, 2025

In today's digital landscape, securing user authentication is more critical than ever. Recently, I explored the benefits of using Yubikeys and...

Access & Authentication Multi-factor Authentication Vulnerability Cybersecurity Risk Management Passkeys
Read More

2 min read

From Compliance to Confidence

Andrew Hernandez: May 16, 2025

Building a Risk-Based Information Security Program for Community Banks For many community banks, passing a regulatory exam can feel like a victory...

Risk Assessment Cybersecurity Risk Management Regulatory Compliance NIST-CSF
Read More

2 min read

Using RACI Charts to Strengthen Risk Management and InfoSec Programs

Jordan Rosiak: May 9, 2025

Without defined roles, critical tasks like policy reviews, incident response, and business continuity planning, or risk assessments can be overlooked...

Information Security Program Governance Risk Management Compliance RACI
Read More

3 min read

Strengthening Cybersecurity with a Single Source of Truth

John Freerksen: May 2, 2025

In the current cybersecurity landscape, organizations generate and rely on vast amounts of data from various tools, systems, and platforms. Without a...

Incident Response Cybersecurity Risk Management Compliance Identity and Access Management
Read More

4 min read

Beyond the CAT: Building on a Foundation That Lasts

Chris Bedel: Apr 18, 2025

Introduction As most bankers know by now, the FFIEC Cybersecurity Assessment Tool (CAT), first released in 2015, will officially sunset on August 31,...

Cybersecurity Assessment Tool CAT FFIEC Risk Management Regulatory Compliance NIST-CSF CAT Replacement
Read More
1 2 3 Next