CISOs, Are You Doing Enough to Evaluate and Address Your Vendor Risk?
Is your organization's Vendor Risk Management strategy robust enough? This article explores the critical role of CISOs in assessing new vendors and monitoring existing ones to safeguard against data breaches and potential disruptions. Stay ahead in the evolving landscape of third-party threats and enhance your cybersecurity posture.
Posted on Dec 15 / 2023
The CISO’s Guide to Ramping Up Cybersecurity During the Holidays: 7 Essential Steps for Incident Preparedness
Discover 7 essential steps for CISOs to bolster cybersecurity during the holiday season. Learn how to recognize and prepare for heightened cyber threats, including data-backed insights and attack-specific playbooks.
Posted on Dec 14 / 2023
To hire, or not to hire a CISO? That is the question. Or is it though?
Small to mid-sized businesses often wonder whether to hire a Chief Information Security Officer (CISO). This article examines the factors for SMBs to consider when deciding to hire a full-time or fractional CISO.
Posted on May 04 / 2023
Practical Strategies to Enhance Your Organization’s Information Security Awareness and Training Program
When it comes to cybersecurity, all organizations share a similar risk – the possibility of human error. When it comes to educating your people about cyber, one size does NOT fit all. Here are six strategies to mature your information security awareness and training program.
Posted on Feb 09 / 2023
Are Your Vendors “Tall enough to Ride the Ride”?
We can think about an amusement park’s rider height and restriction requirements as a useful way to describe risk tolerances when onboarding new vendors or increasing scopes of work to existing ones.
Posted on Aug 22 / 2022
Postcard from the 2022 PA Bankers Convention
Upon returning home from Scottsdale, AZ for the PA Bankers Convention of 2022, I had some time to reflect on my three key takeaways from my time spent amongst leaders in the great banking industry of Pennsylvania.
Posted on May 29 / 2022
What the Lapsus$ Attacks Should Teach Us About Third-Party Insider Threat
The Lapsus$ attacks have helped companies realize that third-party vendors can be the 'weakest link' within their own organizations. This article summarizes what companies can learn (and do) to protect data.
Posted on Apr 11 / 2022
Looking Inward, Charting a New Course for Effective TPRM
Most current third-party risk management (TPRM) programs are external-facing. But what if the greatest threat to your organization wasn’t external?
Posted on Apr 06 / 2022
Adaptability and Perseverance – Breaking Down CrowdStrike’s Perspective on the 2022 Global Threat Landscape
The year 2021 brought about some serious cyber challenges. This article summarizes key takeaways from CrowdStrike's Global Threat Landscape report, provides a breakdown of the five 2021 themes, and gives our take on seven recommendations that resonate most with us.
Posted on Apr 01 / 2022
The Countdown Begins for Financial Institutions Using FedLine Solutions
In January 2021, the Federal Reserve Banks implemented the Security and Resiliency Assurance Program outlining new compliance requirements for banks that use FedLine® by the end of 2022. This article outlines everything you need to know about this new program.
Posted on Mar 23 / 2022
Maturing Your IAM Program: Role-Based Access Control (RBAC)
Role Based Access Control (RBAC) has become the holy grail of access management. So why isn't everyone using it? Here are a few tips on how to strategically approach your RBAC adoption journey.
Posted on Mar 16 / 2022
The Countdown is On: New Cyber Incident Reporting Requirements for Banks
Lawmakers have argued about mandatory cyber incident reporting for years, but it has never gained the traction needed to become widespread law. For those in the banking industry, this is all about to change.
Posted on Mar 02 / 2022
Top 7 Cybersecurity Predictions for 2022
As 2021 winds down, we take a peek into the future of cybersecurity for 2022. Will our predictions come true?
Posted on Dec 14 / 2021
Embracing New Technology? Here’s How to Keep Cybersecurity Top of Mind
As technology advances at an unprecedented pace, many businesses are aggressively accelerating adoption to maintain a competitive advantage. But there’s a big risk for those who don’t keep cybersecurity top of mind.
Posted on Nov 10 / 2021