Level Up Your Tabletop Exercises [Webinar Recap]
In our recent webinar, Level Up Your Tabletop Exercises, GRC Content Manager Alyssa Pugh walked through practical, experience-based guidance for making tabletops more effective and more valuable.
Thanks for visiting our
Tandem Blog
Get our blog posts straight to your inbox.
You have been successfully subscribed to our newsletter.
Updated NIST Incident Response Guidance: SP 800-61 Rev. 3
On April 3, 2025, NIST released a new guide covering Incident Response Recommendations and Considerations for Cybersecurity Risk Management. Let’s dive into what’s new and what it means for your incident response plans.
How to Conduct an Effective Tabletop Exercise
Tabletop exercises are often labeled as pain points and seen as just another “to do” item on the compliance checklist. Yet, if done well, they can be a huge value-add to your organization’s resilience.
This article will give six simple steps to conduct an effective tabletop exercise.
Regulation S-P: An Overview of the SEC’s Latest Cybersecurity Amendments
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
BCP and IRP Exercises & Tests: Frequently Asked Questions
Businesses are expected to put their business continuity and incident response plans to the test. But what does that mean exactly? If the whole concept of exercises and tests is a bit murky, you’ve come to the right place. In this article, we’ll answer some frequently asked questions.
A Financial Institution’s Guide to CISA’s Proposed CIRCIA Reporting Requirements
Published Date:
Modified Date:
A look at the CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.
What Financial Institutions Need to Know: FTC Safeguards Rule Breach Notification
On November 13, 2023, the Federal Trade Commission published a Final Rule in the Federal Register updating the Safeguards Rule. The rule includes changes to the incident notification requirements for financial institutions.
Updated Ransomware Self-Assessment Tool (R-SAT 2.0)
Published Date:
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
The OCC’s Cybersecurity Supervision Work Program (CSW)
Here’s a closer look at the OCC’s Cybersecurity Supervision Work Program, with five essential takeaways for community banks preparing for the revised exam procedures.
Reportable Cyber Incidents: An Overview of the NCUA’s New Notification Rule
This article looks at the NCUA's Cyber Incident Notification Rule, including the final rule's development, key details, and required actions for credit unions.
An Overview of Freddie Mac’s Updated Information Security Requirements
Published Date:
This article is an introduction to the new requirements released by Freddie Mac, as well as a summary of what’s new, what’s changed, and what you may need to do about it.