- All
- Banks
- Compliance
- Credit Unions
- Security
- Technology
Three Often Overlooked Elements of an Effective and Compliant Incident Response Plan (IRP)
In today’s security environment, it’s not if a cybersecurity incident will impact your institution, but when and how big? That’s why having an effective and compliant incident response plan (IRP) is so important to ensure your institution is prepared for the unexpected and equipped to recover. When a financial institution experiences a cyber incident, the […]
Why Security Solutions Fail and What Your Financial Institution Can Do to Stay Safe
From the beginning of the pandemic, the financial sector has seen a rising number of security threats. With more employees working remotely and increasing their online activity, cybercriminals are finding success using attacks like phishing and social engineering to take advantage during these uncertain times. These attacks have prompted financial institutions and other organizations to […]
The Peoples Bank Implements Virtual ISO Solution to Support Succession Planning for the ISO Role
The ISO is tasked with multiple simultaneous activities; supervising the financial institution’s business continuity planning, project management, vendor management, cybersecurity, exams and audits, and information security, which can be an overwhelming responsibility for one person to manage. This presents operational and compliance challenges for the institution if there is no second-in-command should the ISO become […]
Three Virtual ISO Delivery Models for Community Banks and Credit Unions
Management should designate at least one information security officer responsible and accountable for implementing and monitoring the information security program. – FFIEC Information Security Handbook Information security officers (ISO) have a wide range of responsibilities and navigating them can be quite challenging, especially with increased scrutiny from examiners on alignment of policies, procedures, and practices. […]
What You Need to Know About Securing Exchange Online
Technical Level: Beginner/Intermediate TLDR: Microsoft recently released the GA version of their Exchange Online V2 module for PowerShell. In order to configure some of the more advanced settings for Exchange Online, familiarity with PowerShell is going to be required. Knowing how to store variables, run commands, and connect to Exchange Online will be the bare […]
What You Need to Know About Securing Azure AD
Technical Level: Beginner TLDR: Microsoft has decommissioned Baseline Conditional Access Policies and has replaced them with the new Security Defaults as of the end of February 2020. If you have been using Baseline Conditional Access Policies, Microsoft advises that you move to the new Security Defaults policy or to custom Conditional Access Policies. Azure AD […]
Subscribe and be first to hear about
Regulatory Guidance
and Industry Trends