The Implications of Artificial Intelligence on Cybersecurity
Learn the capabilities and limitations of AI, as well as the current cybersecurity threats and applicable controls.
Thanks for visiting our
Tandem Blog
Get our blog posts straight to your inbox.
You have been successfully subscribed to our newsletter.
What Framework Do I Replace the FFIEC CAT With?
On August 29, 2024, the FFIEC announced they would be sunsetting the Cybersecurity Assessment Tool (CAT) effective August 31, 2025. For the last ten years, the CAT has been a staple for many financial institutions’ cybersecurity programs. As a result, many institutions now face the question: “Which cybersecurity framework should I use?” Let’s talk about how to pick a cybersecurity framework.
An Overview of the FFIEC’s Development, Acquisition, and Maintenance Booklet
Published Date:
On August 29, 2024, the Federal Financial Institutions Examination Council (FFIEC) released a new Development, Acquisition, and Maintenance (DA&M) booklet, as part of their IT Examination Handbook. This new booklet supersedes and replaces the previous Development & Acquisition (D&A) booklet.
A Vendor Manager’s Guide to Service Level Agreements (SLAs)
A service level agreement (SLA) is a specific type of contract between a vendor and a business. It defines performance measures and compensation options for the times when a vendor can’t hold up their end of the bargain. Let’s dive into some specifics about what this looks like and what you (as a vendor manager who cares about information security) need to do about it.
Regulation S-P: An Overview of the SEC’s Latest Cybersecurity Amendments
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
Growing Cybersecurity: A Look at the FCA’s New Cyber Risk Management Rule
The Farm Credit Administration (FCA) Cyber Risk Management final rule goes into effect on January 1, 2025. If you work for a farm credit institution, what does the final rule mean for you? Let’s find out.
BCP and IRP Exercises & Tests: Frequently Asked Questions
Businesses are expected to put their business continuity and incident response plans to the test. But what does that mean exactly? If the whole concept of exercises and tests is a bit murky, you’ve come to the right place. In this article, we’ll answer some frequently asked questions.
The New Third-Party Risk Management Guide for Community Banks
On May 3, 2024, three of the federal banking agencies published a new Third-Party Risk Management Guide for Community Banks. Learn more about the guidance and how it applies to your organization.
GLBA Compliance: The Legislation, the Standards, and the Guidance
In this article, we’re going to clarify what GLBA is, and what people mean when they say GLBA as it relates to regulatory compliance.
A Financial Institution’s Guide to CISA’s Proposed CIRCIA Reporting Requirements
Published Date:
Modified Date:
A look at the CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.
6 Key Updates in the NIST Cybersecurity Framework (CSF) 2.0
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.