2 min read
Business Email Compromise: Attacks Immune to Multi-Factor Authentication
They’ve come back around…those business email compromises, which were all too common in the late 2010s.
Third-Party (2)
2 min read
Addressing the MOVEit Vulnerability: Actions for Financial Institutions
Financial institutions rely on numerous third-party providers to support their operations and deliver essential services. However, these partnerships...
2 min read
Reviewing the New Interagency Third-Party Risk Management Guidance
On June 6th, the Federal Reserve, FDIC, and OCC released new interagency guidance on third-party risk management. The new guidance, based on existing...
2 min read
Insider Cybersecurity Threats: What Financial Institutions Need to Know
Community financial institutions face a wide range of cybersecurity threats, but one of the most concerning is insider threats. Insider threats refer...
2 min read
Closing the Cybersecurity Skills Gap
Small financial institutions, such as community banks and credit unions, face unique challenges when it comes to cybersecurity. One of the biggest...
2 min read
The 1 Thing You Can Do to Improve Your Cybersecurity Program
Let's use our imaginations for a few minutes.
1 min read
The What, Why, and How of Complementary User Entity Controls
Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we...
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
1 min read
Outsourcing IT
It’s common practice for financial institutions to outsource some or all of their Information Technology (IT) functions to a Managed Service Provider...