The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Bank executive reading the Bedel Security blog on her desktop.

Third-Party Risk Management

Graphic highlighting essential contract clauses for managing third-party cybersecurity risk for community banks.

2 min read

5 Third-Party Contract Clauses Financial Institutions Can’t Afford to Miss

Cory Poupore: Jun 5, 2026

Financial institutions continue to strengthen their third-party risk management programs, driven by increased regulatory scrutiny, growing reliance...

Bedel Security Friday5 graphic asking what’s in your bank's cybersecurity policy.

2 min read

What’s In Your Policy?

John Freerksen: May 15, 2026

A bank’s information security policy is one of the few documents that directly connects technical risk to executive accountability. Most policies...

Policy Governance Incident Response FFIEC Risk Management Compliance Third-Party Risk Management Regulatory Compliance

Bedel Security Friday5 graphic on challenges moving from FFIEC CAT to NIST CSF.

3 min read

Why These NIST CSF Outcomes Can Be Challenging

Trisha Durkin: May 8, 2026

Why These NIST CSF Outcomes Can Be Challenging When Moving from the FFIEC CAT For more than a decade, the Federal Financial Institutions Examination...

Governance Cybersecurity Assessment Tool Cybersecurity Third-Party Risk Management NIST-CSF CAT Replacement CySPOT® CSF+ Supply Chain Risk

Bedel Security Friday5 graphic on whether hackers use different strategies based on bank institution size.

3 min read

Do Hackers Employ Distinct Strategies Based on Institution Size?

Stephanie Goetz: Apr 24, 2026

Over the years in my career, I’ve heard assumptions made by leaders that because they are a smaller institution:

Ransomware Risk Management Phishing Community Banking Vulnerability Management Third-Party Risk Management

Bedel Security Friday5 graphic on third-party risk and SaaS cybersecurity challenges.

2 min read

The Third-Party Risk You Can’t See

Errica Padgett: Apr 3, 2026

Financial institutions have long understood the importance of third-party risk management. Vendor due diligence, contract reviews, and ongoing...

Information Security Program Third-Party Risk Management Data Protection

3 min read

Managing Cybersecurity with Limited Resources

Trisha Durkin: Feb 27, 2026

If you’re a community bank or credit union, “limited resources” isn’t a temporary condition; it’s your operating model.

Threats Governance Incident Response NIST Cybersecurity Risk Management Tabletop Test Third-Party Risk Management

Executives discussing IT and cybersecurity compliance in changing regulatory environment.

2 min read

Changing Regulatory Landscape

Chris Bedel: Feb 20, 2026

Changing Regulatory Landscape: What “Material Financial Risk” Means for IT and Cybersecurity Late in 2025, all three federal banking regulatory...

Regulation Exam Multi-factor Authentication Risk Management Third-Party Risk Management Regulatory Compliance

Business handshake illustrating trust and verification in managed security services.

2 min read

Trust but Verify: Managing your Managed Security Service Provider

Stephanie Goetz: Feb 13, 2026

Perhaps you outsourced your security monitoring and incident response to a reputable firm years ago, or are considering a change to outsource for the...

Vendor Management Incident Response MSP Third-Party Risk Management