Thanks for visiting our

Tandem Blog

What Financial Institutions Say They Are Using to Replace the FFIEC CAT

Published Date: Jun 10, 2025

Savannah Jones

With the FFIEC retiring the CAT, we surveyed 400+ financial institutions to reveal how they plan to transition and which cybersecurity frameworks they prefer next.

Get our blog posts straight to your inbox.

You have been successfully subscribed to our newsletter.

GLBA Compliance: The Legislation, the Standards, and the Guidance

Published Date: May 6, 2024

Alyssa Pugh

In this article, we’re going to clarify what GLBA is, and what people mean when they say GLBA as it relates to regulatory compliance.

A Financial Institution’s Guide to CISA’s Proposed CIRCIA Reporting Requirements

Published Date: Apr 15, 2024 Modified Date: Sep 16, 2024

Alyssa Pugh

A look at the CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.

6 Key Updates in the NIST Cybersecurity Framework (CSF) 2.0

Published Date: Mar 5, 2024

Alyssa Pugh

On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.

FDIC Releases Updated InTREx Procedures

Published Date: Jan 29, 2024

Alyssa Pugh

On September 29, 2023, the Federal Deposit Insurance Corporation (FDIC) announced the updated Information Technology Risk Examination (InTREx) procedures. If you’re curious about what changed, you’ve come to the right place.

Updated Ransomware Self-Assessment Tool (R-SAT 2.0)

Published Date: Oct 31, 2023

Alyssa Pugh

Savannah Richardson

On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.

The OCC’s New Cybersecurity Supervision Work Program

Published Date: Jul 10, 2023

Alyssa Pugh

Let’s understand the OCC's new cybersecurity supervision work program more clearly by looking at five things we think community banks should know about the new exam procedures.

Financial Institutions & Quantum Computing: A Cybersecurity Compliance Timeline

Published Date: Mar 28, 2023 Modified Date: Jul 14, 2025

Alyssa Pugh

In this article, we take a look at why quantum computing is a cybersecurity risk, what requirements have been released so far, and what steps need to be taken to ensure compliance.

5 Ways to Improve Your Phishing Test Results

Published Date: Nov 21, 2022

Alyssa Pugh

To make sure your phishing tests are most effective at securing your business, preparing your teams, and keeping operations running smoothly, here are five things to consider before sending your next phishing test.

6 Tips for Writing an Effective Information Security Policy

Published Date: Oct 10, 2022

Alyssa Pugh

In this article, we will discuss why your policies are important and give you six tips to make sure they live up to their fullest potential.

How to Know if Your Bank Must Report a Cybersecurity Incident

Published Date: Sep 23, 2022

Alyssa Pugh

In this article, we discuss how exactly to determine which incidents must be reported to your federal regulator, per the legal definition.