Thanks for visiting our

Tandem Blog

Can You Spot a Deepfake? What Every Employee Should Know

Published Date: Feb 5, 2026

Elizabeth Weathers

How can we be prepared for deepfake attacks that look and sound real? In this article, we’ll explore how to train employees to recognize deepfakes quickly, verify unexpected requests, and report suspicious activity before it leads to serious damage.

Get our blog posts straight to your inbox.

You have been successfully subscribed to our newsletter.

How to Perform an Information Asset-Based Risk Assessment

Published Date: Jan 26, 2026

Savannah Richardson

What counts as an information asset? How do you evaluate risk at the information asset level? If you’ve asked any of those questions, this guide walks you through an asset-based risk assessment approach.

Level Up Your Tabletop Exercises [Webinar Recap]

Published Date: Jan 2, 2026

Alyssa Pugh

Savannah Jones

In our recent webinar, Level Up Your Tabletop Exercises, GRC Content Manager Alyssa Pugh walked through practical, experience-based guidance for making tabletops more effective and more valuable.

Updated CISA Cybersecurity Performance Goals (CPGs)

Published Date: Dec 18, 2025

Alyssa Pugh

The Cybersecurity and Infrastructure Security Agency (CISA) published version 2.0 of their Cross-Sector Cybersecurity Performance Goals (CPGs). Let’s take a look at the CPGs and what changed in this latest version.

Securing Wearable Devices: New Technology, Same Old Risks

Published Date: Nov 13, 2025

Alyssa Pugh

Smart glasses are being marketed as the next big leap in technology. They are powerful, but also risky when it comes to information security. So, how can you control the risk of wearables?

NCUA Releases Updated ACET Application

Published Date: Sep 30, 2025

Alyssa Pugh

On September 16, 2025, the National Credit Union Administration (NCUA) announced an update to their Automated Cybersecurity Examination Toolbox (ACET). Here’s an overview of what’s new.

Texas SB 2610: What the New Law Means for Small Businesses

Published Date: Sep 23, 2025

Alyssa Pugh

On September 1, 2025, Texas Senate Bill 2610 (SB 2610) went into effect. This new law was designed to support small businesses by creating a legal “safe harbor” for those that proactively adopt strong cybersecurity practices. Here’s what you need to know.

What is a Cybersecurity Control Self-Assessment?

Published Date: Aug 22, 2025

Alyssa Pugh

A cybersecurity control self-assessment is a process in which an organization benchmarks its own security practices against established standards. But what does that mean exactly?

Difference Between Risk Assessments and Cybersecurity Control Self-Assessments

Published Date: Aug 6, 2025

Alyssa Pugh

Learn the complementary, but distinct differences between a risk assessment and a cybersecurity assessment, and how they both contribute to understanding an organization’s security posture.

How Financial Institutions Are Preparing for AI with Policies and Training

Published Date: Aug 4, 2025

Brian Whipple

We polled over 200 information security professionals, primarily at financial institutions, on how they are implementing polices and training on AI in the workplace.

Updated NIST Incident Response Guidance: SP 800-61 Rev. 3

Published Date: Jul 11, 2025

Alyssa Pugh

On April 3, 2025, NIST released a new guide covering Incident Response Recommendations and Considerations for Cybersecurity Risk Management. Let’s dive into what’s new and what it means for your incident response plans.