2 min read
Russian Cyberthreats
This week the threat from Russia to the Ukraine has turned to reality. The attack was preceded by cyber threats probably long before the physical...
Risk (5)
1 min read
‘Tis the Season for Tax Scams
Every year, thousands of people fall victim to tax-related phishing scams. As with most intrusions, it only takes one click on a fraudulent link to...
2 min read
Is Your Risk Assessment Authentication & Access Ready?
In August, the FFIEC released new guidance titled “Authentication and Access to Financial Institution Services and Systems”. Because the guidance...
2 min read
Log4Shell Response for Community Financial Institutions
This post is intended to help community financial institutions appropriately prioritize their response efforts to the Log4Shell vulnerability. If...
2 min read
Backups vs. Retention
We often run into situations where different staff in an institution have different understandings of the goals and operations of their backup...
2 min read
Keep an Eye on API Security
Application programming interfaces, or APIs, enable applications to exchange data and functionality easily with other applications and users in or...
2 min read
Tricky Phish Testing
Phishing remains one of the top threats to organizations today. Every user regularly receives emails designed to trick them into clicking on a link,...
3 min read
Multi-factor Authentication Threats Heat Up
Just a few months ago, we wrote an article about the dangers of using SMS (text) to support multi-factor authentication (MFA), called Breaking the...
2 min read
The Regular Risk Assessment Revolution
The cybercriminals are still on top of their game, changing targets and tactics. The work-from-home revolution continues and the drive for automation...
2 min read
Choosing a Cybersecurity Framework
It is a good practice to identify a cybersecurity framework as part of an institution’s Information Security Program. A framework helps to identify...