2 min read
Business Email Compromise: Attacks Immune to Multi-Factor Authentication
They’ve come back around…those business email compromises, which were all too common in the late 2010s.
Threats (3)
2 min read
“Banking” on Zero Trust: An Essential Shift in Cybersecurity
Ever heard Rick Howard's analogy of networks being like M&M candies? Imagine a hard exterior shell but with a soft, less secure core. Traditional...
2 min read
Addressing the MOVEit Vulnerability: Actions for Financial Institutions
Financial institutions rely on numerous third-party providers to support their operations and deliver essential services. However, these partnerships...
2 min read
Insider Cybersecurity Threats: What Financial Institutions Need to Know
Community financial institutions face a wide range of cybersecurity threats, but one of the most concerning is insider threats. Insider threats refer...
2 min read
Corporate Account Takeovers
I want to talk about something that’s been on my mind a lot lately: corporate account takeover (CATO). As someone who has worked in the cybersecurity...
3 min read
Discussions Triggered from the LastPass Breach
Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...
3 min read
Cyber Insurance is Broken. How Do We Fix it?
I've been asked about the state of cyber insurance multiple times over the past couple of months.
2 min read
Self-Assessing Authentication & Access Risk
A little over a year ago, banking regulators released the “Authentication and Access to Financial Institution Services and Systems” guidance. Since...
1 min read
Preparing for a Security Incident
The worst time to develop an Incident Response Plan for dealing with a security incident is during an actual incident. It’s not a matter of “if” but...
